Known Limitations

Overview

Korta is production-deployed but still evolving. The current architecture prioritizes simplicity, low cost, and developer clarity over advanced scale features.

Current limitations

Free-tier infrastructure constraints

• Impact: Throughput, cold starts, and latency can vary under burst traffic.
• Workaround: Keep rate limits active, monitor usage, and avoid heavy background workloads.
• Planned fix: Move to paid resources and tune service sizing when sustained traffic grows.

Single-region backend/database setup

• Impact: No geo-redundancy or regional failover; outages affect all users.
• Workaround: Monitor health checks and keep operational runbook ready for fast recovery.
• Planned fix: Introduce multi-region strategy and failover planning.

Limited analytics depth

• Impact: Only basic click counts are available (no advanced dimensions like referrer/device/geo).
• Workaround: Use click totals for early-stage validation.
• Planned fix: Extend analytics schema and reporting endpoints.

No refresh-token/session invalidation layer

• Impact: JWT sessions are short-lived but there is no token revocation list.
• Workaround: Re-authenticate on expiration; rotate API keys when needed.
• Planned fix: Add refresh tokens and optional server-side session revocation.

Tight dependency on external services

• Impact: OAuth, email delivery, and hosting provider issues can affect user flows.
• Workaround: Keep provider configs validated and maintain fallback operational steps.
• Planned fix: Add provider abstraction and stronger outage playbooks.

Manual operations and observability maturity

• Impact: Incident response still depends on manual checks/log review.
• Workaround: Use /api/v1/health, deploy logs, and structured checks after release.
• Planned fix: Add automated alerting, dashboards, and CI/CD quality gates.