Notifications & offline
Covenant computes what to send (questionnaire invites, reminder cadences) locally. Delivering the message is the one networked step — and it works two ways depending on whether you're signed in.
Two modes, one behavior
| Mode | When | What happens |
|---|---|---|
| Live cloud | Signed in to the cloud tier | The send goes through the shared notification service (POST to the send endpoint) and reminders are registered as scheduled jobs. The confirmation shows the recipient masked (e.g. v***@vendor.com). |
| Local stub free / offline | Signed out or offline (the default) | The intended delivery is recorded in a local outbox in your browser so the send → capture loop still closes and you can see exactly what would be sent. Nothing leaves the browser. The confirmation says "Send simulated locally." |
Delivering links yourself (offline)
In stub mode, after you click Send to vendor portal, deliver the link manually:
- On the vendor's questionnaire card, open the open portal ↗ link to preview it.
- Copy the URL from your browser's address bar.
- Email it to your vendor contact. The link is self-contained (the signed token is in it).
- When they return the response code, paste it into Import response. See Vendor email portal.
What's in a notification payload
Payloads are secret-free by construction: only a template id and template variables (vendor/requester names, the portal link, due dates). There is a defense-in-depth guard that refuses to send if the payload appears to contain a secret (an API key pattern) or a personal identifier (an SSN pattern). Targets stored in the local outbox are masked, never stored verbatim.
BAA reminders
The BAA renewal panel computes which reminders would fire today and on what cadence (90/60/30-day). In live mode these become scheduled jobs; offline they are queued in the outbox so you can see the plan. See BAA tracking → renewal calendar.