IxDF Developer Docs

Appearance

Notification Delivery

In-App Notifications

In-app notifications are displayed within the platform UI (not via email/SMS). They will appear in the members notification center.

Storage

In-app notifications are stored in the notification__in_app table in database. Each notification includes:

  • Title and Body: The main notification content (title is optional, body supports up to 1000 characters)
  • Call-to-Action (CTA): Optional button with text and URL (validated to prevent XSS attacks)
  • Tags: Optional categorization (e.g., ["course", "achievement"])
  • Priority: Four levels available: Low, Normal (default), High, and Urgent
  • Read/Click Tracking: Timestamps for when the notification was read or clicked
  • Expiration: Optional expiration date for auto-cleanup

Security

  • URLs are validated to prevent XSS attacks (blocks javascript:, data:, vbscript: schemes)
  • Only http:// and https:// URLs are allowed
  • Character limits enforce database constraints

Notification Lifecycle

  1. Notification is created through the standard Laravel notification system
  2. Stored in database via InAppNotificationChannel
  3. Displayed in user's notification center UI
  4. Marked as read when user views it
  5. Marked as clicked if user interacts with CTA
  6. Optionally expires and is cleaned up

Email service

We use Mailgun.com's API to send emails. We also use the mailgun bulk API to send newsletters in bulk.

Security

We use mxtoolbox.com to configure, validate, and monitor our DMARC policy. DMARC is a security policy used to prevent email spoofing, using SPF & DKIM. It also helps email delivery, by eliminating the chance of blacklisting & spamming.

SPF

SPF is the part that matches the from address against spoofers. It's a DNS TXT record that lists all the services & IP addresses that can send emails on our behalf.

We're using DigitalOcean to set the DNS record.

DKIM

DKIM is the part that matches the content of the email against spoofers.

Currently, there are two ways to setup DKIM:

  1. Through mxtoolbox.com (for Mailgun and GSuite)
  2. Using CNAMES on DigitalOcean (for MailerLite)