Notification API Reference

API endpoints for the notification system

Overview

Notification API endpoints live under apps/zooly-app/app/api/notifications/. All user-facing endpoints require cookie-based authentication via resolveAccountId. All endpoints support CORS based on ALLOWED_DOMAINS_CORS.

List Notifications

Returns recent notifications and unread count for the authenticated user.

Endpoint: GET /api/notifications/list

Auth: Required (cookie-based)

Query Parameters:

Param	Type	Default	Description
`limit`	number	5	Max notifications to return (max: 50)

Response (200):

Field	Type	Description
`notifications`	`Notification[]`	Recent notifications, newest first
`unreadCount`	`number`	Total unread notifications for this account

Errors: 401 — not authenticated

Implementation: apps/zooly-app/app/api/notifications/list/route.ts

Mark Notifications as Read

Marks one or all notifications as read for the authenticated user.

Endpoint: POST /api/notifications/mark-read

Auth: Required (cookie-based)

Request Body — one of:

Field	Type	Description
`notificationId`	`string`	Mark a single notification as read
`all`	`true`	Mark all notifications as read

Response (200): { success: true }

Errors:

400 — neither notificationId nor all provided
404 — notification not found or does not belong to the authenticated user

Implementation: apps/zooly-app/app/api/notifications/mark-read/route.ts

Process Email Notifications (Cron)

Picks up unsent notification emails, resolves recipient email via Cognito, and sends via SendGrid.

Endpoint: GET /api/notifications/process-emails

Auth: None (designed for cron scheduler)

Behavior:

Fetches up to 20 notifications where emailSent = false
For each notification, looks up the account's ownerUserId and calls Cognito AdminGetUser to get the email
Sends email via sendNotificationEmail() from @zooly/app-srv
On success, calls markEmailSent(notificationId) to prevent re-sending
Failed sends are logged but do not block processing of remaining notifications

Response (200):

Field	Type	Description
`processed`	`number`	Total notifications attempted
`sent`	`number`	Emails successfully sent
`skipped`	`number`	Notifications with no resolvable email
`failed`	`number`	SendGrid send failures

This endpoint has no auth gate. In production, secure it via network policy, API key, or cron-only access.

Implementation: apps/zooly-app/app/api/notifications/process-emails/route.ts

Notification System Overview — architecture and adding new notification types
Offers API Reference — offer endpoints that create notifications

Notification System Overview Admin Dashboard Overview

On This Page

Overview List Notifications Mark Notifications as Read Process Email Notifications (Cron)Related Documentation