ELVA Notify (elva-otp-service) is a Node.js + Express microservice that provides:
- OTP generation and verification — 6-digit codes stored as salted hashes in Redis, scoped per
appId and recipient.
- SMS delivery — via Fast2SMS (legacy free-text route
q, and DLT-compliant templated route dlt).
- Email delivery — via SendGrid.
- Unified notification API —
POST /notify for SMS and EMAIL in one contract.
- Business modules — isolated template catalogs (currently eNandi) with DLT metadata and variable validation.
- Structured logging — JSON logs with
requestId, provider, templateId, and category-based events.
The service is multi-tenant: every authenticated request carries appId and apiKey. OTP storage keys are namespaced as otp:{appId}:{recipient} in Redis.
ELVA Notify is deployed as the backend package (backend/). A separate frontend (frontend/) serves this documentation portal from docs/. External systems call REST endpoints on the backend; the service orchestrates Redis, Fast2SMS, and SendGrid.
elva-notify-platform/
├── backend/ # Express API
├── frontend/ # Documentation portal (Next.js)
├── docs/ # Markdown source (this folder)
└── package.json # Root orchestrator scripts
| Capability | Endpoint / Path | Provider | Notes |
|---|
| OTP Send | POST /otp/send | Fast2SMS / SendGrid | Not DLT-templated; uses free-text OTP message |
| OTP Resend | POST /otp/resend | Fast2SMS / SendGrid | Revokes prior OTP, then re-sends |
| OTP Verify | POST /otp/verify | Redis only | Consumes OTP on success |
| Legacy SMS | POST /notify + message | Fast2SMS route q | Free-text SMS |
| DLT SMS | POST /notify + business + templateKey | Fast2SMS route dlt | eNandi templates only |
| Email | POST /notify + subject + html/template | SendGrid | HTML or simple template |
| Health | GET /health | — | No authentication |
| Phase | Focus | Status |
|---|
| Phase 1 | Business Registry + eNandi module | Complete |
| Phase 2 | Template validation layer on /notify | Complete |
| Phase 3 | DLT SMS delivery via Fast2SMS | Complete |
| Phase 4 | Centralized structured logging (businessLogger) | Complete |
| Phase 5A | Core documentation portal (this set) | In progress |
| Future | Full doc portal UI, OTP→DLT migration, multi-business, WhatsApp | Planned |
| Document | Description |
|---|
| eNandi Business | Template catalog, DLT IDs, integration guide |
Implementation audits and migration reports live under docs/reports/. Filenames are preserved from each phase.
- Obtain
appId and apiKey from your ELVA administrator (APP_CREDENTIALS_JSON on the server).
- Read Authentication — credentials go in the JSON body, not headers.
- For OTP flows, start with OTP API.
- For transactional SMS with approved templates, use Notify API + eNandi Business.
- On errors, consult Error Codes.
| Symptom | Likely cause | See |
|---|
403 forbidden on all requests | Wrong appId/apiKey or missing APP_CREDENTIALS_JSON | Authentication |
502 sms_failed on OTP send | FAST2SMS_API_KEY missing or provider error | OTP API |
400 unsupported_business | Unknown business field on /notify | eNandi Business |
500 notification_failed on DLT | Provider rejection or missing DLT metadata | DLT Layer |
429 rate_limited | Global or OTP per-phone limits exceeded | OTP API |
OTP DLT delivery (Phase 8B+): When OTP_DLT_ENABLED=true and per-app dltEnabled: true, OTP SMS uses Fast2SMS route=dlt. Otherwise OTP falls back to route=q. See OTP DLT Migration and Observability. Operations dashboard: /platform/otp.
Credentials in body. appId and apiKey are sent in the request JSON body. Use HTTPS in production.
India SMS compliance. Legacy and OTP SMS may require DLT registration with your telecom provider. DLT template SMS via /notify uses approved eNandi template IDs.
