ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
94cff6ca03
TenantAtlas/specs/404-public-content-messaging/contracts/public-content-contract.md
ahmido c261b1c632 feat(website): tighten homepage messaging and trust flow (#398) 
## Summary
- tighten homepage messaging, hero support copy, trust teaser flow, and CTA routing for the website public-content rollout
- align shared website copy, smoke expectations, and spec 404 artifacts with the latest messaging pass
- replace the previously closed PR for `404-public-content-messaging`

## Commits
- `44d27395` feat(website): tighten homepage messaging and trust flow
- `1ddbd28b` feat(website): refine public content messaging rollout

## Validation
- `git diff --check`

## Notes
- local Playwright MCP output remains untracked and was not included

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #398
2026-05-25 20:35:33 +00:00

162 lines
7.4 KiB
Markdown
Raw Blame History

# Public Website Positioning Contract: Spec 404
This feature has no REST, GraphQL, Laravel, Filament, Livewire, Microsoft Graph, database, queue, job, policy, RBAC, or product runtime API contract.
The contract is the public static website behavior that reviewers and smoke checks must verify.
## Core Public Routes
The following default routes must render intentionally and expose Tenantial-specific content, metadata, and CTAs:
- `/`
- `/platform`
- `/pricing`
- `/contact`
- `/trust`
- `/legal`
- `/privacy`
- `/terms`
- `/imprint`
- `/welcome-to-docs/`
- `/guides/intro/`
- `/guides/getting-started/`
- `/guides/first-project-checklist/`
- `/platform/evidence-review/`
The following English mirrors must remain consistent where they are intentionally exposed:
- `/en/`
- `/en/platform`
- `/en/pricing`
- `/en/contact`
- `/en/trust`
- `/en/legal`
- `/en/privacy`
- `/en/terms`
- `/en/imprint`
- `/en/welcome-to-docs/`
- `/en/guides/intro/`
- `/en/guides/getting-started/`
- `/en/guides/first-project-checklist/`
- `/en/platform/evidence-review/`
Redirect-only aliases such as `/product` must continue to resolve intentionally and must not become a second competing product story.
## Homepage Positioning Contract
The homepage must satisfy:
- the hero clearly identifies Tenantial as policy governance for Microsoft 365 and modern cloud environments, or an equivalent policy-governance phrasing
- Microsoft 365 is presented as the first focus without collapsing the category to Intune-only messaging
- provider-extensible wording is allowed only as design or future direction, not live-support proof
- a trust teaser introduces auditability, evidence history, role-based access, review trails, or DACH evaluation readiness without false assurance
- an operating-model section makes the flow from observed state to evidence, detection, review, decision, and audit trail explicit
- a capability section explains policy evidence, drift/change detection, governance reviews, controlled recovery, provider readiness, and decision traceability rather than a narrow feature list
- audience messaging reaches MSPs, internal IT teams, and governance-minded evaluators, not only endpoint administrators
- a boundaries section makes clear that Tenantial is not an admin-center clone, not blind automation, and not a helpdesk or PSA replacement
- the final CTA offers a concrete next step with an intentional destination
## `/platform` Governance-Model Contract
The public `/platform` route must satisfy:
- explains the governance model more deeply than the homepage
- connects evidence, findings, drift, review, accepted risks or exceptions, controlled recovery, and audit trail into one public product story
- keeps Microsoft 365 first focus without promising unsupported providers as live integrations
- frames previews, screenshots, or product-like examples as static/demo/illustrative where needed
- does not import, inspect, or cite `apps/platform` as an implementation source
- does not imply that the public website connects to a provider, runs Microsoft Graph, or shows live tenant/customer data
## Provider Posture Contract
Public provider/domain wording must satisfy:
- Microsoft 365 is the current public focus
- Intune is one Microsoft 365 policy domain, not the umbrella product category
- Entra or other Microsoft domains may be described only when consistent with current route truth
- Google, AWS, and other non-Microsoft providers may appear only as architecture direction, future direction, or provider-extensible wording unless current support is verified
- roadmap or architecture-direction references must be clearly labeled as such
## Trust And Claim Guardrail Contract
Public copy must avoid unsupported claims about:
- German hosting
- DSGVO or GDPR compliance
- AVV or TOM availability
- ISO, BSI, NIS2, or similar certification
- Microsoft endorsement or partnership
- no customer data stored
- automatic restore, autonomous remediation, self-healing, or approval-free automation
- fake customer logos, fake testimonials, fake case studies, or fake compliance badges
Trust, FAQ, footer, and legal-adjacent copy should explain product boundaries calmly and conservatively without adding fake proof or fake workflows.
## Navigation And CTA Contract
Every public navigation item, CTA, footer link, docs link, and visible form-like control must satisfy:
- resolves to an intentional route, anchor, static asset, `mailto:` link, or legitimate external URL
- no public `href="#"` placeholders
- no navigation labels that imply production-ready pages which do not exist
- primary CTAs lead to contact, walkthrough, demo discussion, or another real next step
- secondary CTAs lead to product explanation, trust review, pricing review, or docs review
- localized routes remain in the current locale where a localized mirror exists
- labels avoid login, signup, account creation, checkout, subscription, instant provisioning, self-serve billing, or automated scheduling implications unless those workflows exist
## Metadata Contract
Each rendered canonical route must provide:
- Tenantial-specific page title and description
- policy-governance positioning rather than Intune-only framing
- route-appropriate canonical, Open Graph, and Twitter summary values
- no ScrewFast, construction, hardware, manufacturing, template, TenantAtlas, TenantPilot, or TenantCTRL residue in public metadata
- no unsupported provider, trust, proof, or automation claims in title, description, Open Graph, Twitter, schema, or docs metadata
- sitemap and robots behavior preserved from the launch-readiness baseline unless a website-scope correction is documented
## Docs Exposure Contract
Exposed docs routes must:
- contain intentional Tenantial-specific content or be hidden from public navigation
- reinforce the same policy-governance and claim-safe posture as the marketing routes
- avoid placeholder theme content and unsupported product behavior claims
- avoid support, legal, provider, compliance, or recovery commitments not supplied by current product/business truth
- remain clearly separate from `apps/platform` implementation documentation unless a future spec changes scope
## Product Preview Contract
Static product previews must:
- be framed as illustrative, static, or demo content where needed
- avoid implying live tenant/customer/provider data
- avoid internal Laravel/Filament implementation details
- avoid turning visual labels into runtime product taxonomy
- communicate meaning through wording and labeling, not color alone
## Browser And Accessibility Contract
Validated public routes must:
- avoid body-level horizontal overflow on representative desktop and mobile viewports
- keep primary navigation, CTAs, footer links, FAQ controls, and visible controls keyboard reachable
- show visible focus states for interactive elements
- remain understandable with reduced motion
- keep primary content and links usable if JavaScript fails where reasonably possible for a static marketing site
## Scope Contract
Implementation and validation must not touch:
- `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/platform`
- Laravel providers, migrations, policies, jobs, queues, database, Filament resources, Livewire components, Blade views, tenant/workspace/RBAC code, Microsoft Graph code, or AuditLog behavior
Scope proof command:
```bash
cd /Users/ahmeddarrazi/Documents/projects/wt-website && git status --short -- apps/platform
```
The command must print no output.
Reference in New Issue View Git Blame Copy Permalink