Identity systems sit on the critical path. When something goes wrong, the first question is rarely "what does the code do" and almost always "what actually happened in production".
What we want teams to be able to answer quickly
- Did the request reach the gateway?
- Which tenant and project did it target?
- Was it authorized, rejected, or rate-limited?
- Can we replay or export the evidence without special access?
Practical defaults
- Keep webhook delivery logs and a retry path.
- Provide exports that work with common workflows (CSV for spreadsheets, JSON for pipelines).
- Surface clear status messages when a feature is not enabled for a tenant.
If you are building internal tools on top of Lamba, start by integrating the exports and webhook endpoints into your existing dashboards. It is the fastest way to gain operational confidence.