AZ Azerbaijan / AZN
MUPZA OperatorOwner accountMU
M
MUPZAOSRestaurant OS command
Notification Rules

Templates require consent and audit

OTP SMS, WhatsApp, Telegram and email stay behind dry-run provider gates, consent rules and audit records. In-app LAN notifications keep kitchen, waiter and POS workflows moving without external providers.

Notification statusTemplates: 5Consent rules: 5External templates: 4External send in QA: false
OTP SMS templatetrue
WhatsApp consent requiredtrue
Telegram secrets blockedtrue
Email secrets blockedtrue
In-app LAN fallbacktrue
External send disabledtrue
Consent cannot block LANtrue
Manager bypass blockedtrue

Consent rules

consent_customer_whatsapp_order_statuswhatsapp / customer / order_statusOpt-in: true / audit: trueBlocks LAN: false

Customer WhatsApp order updates require opt-in and unsubscribe path.

consent_owner_otp_smsotp_sms / owner / otp_verificationOpt-in: false / audit: trueBlocks LAN: false

OTP is purpose-limited and expires quickly; LAN POS fallback is independent.

consent_staff_invite_emailemail / staff / staff_inviteOpt-in: false / audit: trueBlocks LAN: false

Staff invite is transactional and audited.

consent_in_app_lan_alertin_app / waiter / kitchen_alertOpt-in: false / audit: trueBlocks LAN: false

LAN in-app alert is operational and offline-safe.

consent_telegram_ops_alerttelegram / owner / ops_alertOpt-in: false / audit: trueBlocks LAN: false

Telegram ops alerts are owner/admin operational messages and never include secrets.

Provider rules

External providersDry-run by default, no external API mutation in QA.
Secret payload fieldsOTP codes, tokens, service accounts and passwords are blocked.
LAN continuityPOS, waiter, kitchen and printer bridge do not wait for notification providers.

Templates

owner_login_otp_v1otp_sms
owner -> otp_verification -> Twilio Verify or Firebase phone authConsent: false / audit: trueLAN fallback: falseBlocked fields: otp_code, provider_token, manager_pin

OTP is online-only and never blocks POS, waiter, kitchen or printer LAN workflows.

customer_order_status_v1whatsapp
customer -> order_status -> WhatsApp Cloud APIConsent: true / audit: trueLAN fallback: falseBlocked fields: manager_pin, approval_code, kitchen_private_note, cashier_drawer_reason

Customer WhatsApp messages require opt-in, template control and outbox audit.

staff_invite_v1email
staff -> staff_invite -> SMTPConsent: false / audit: trueLAN fallback: falseBlocked fields: temporary_password, service_account_json, smtp_pass

Staff invite email stays audited and never includes raw passwords or provider secrets.

kitchen_ready_lan_v1in_app
waiter -> kitchen_alert -> MUPZAOS Local HubConsent: false / audit: trueLAN fallback: trueBlocked fields: manager_pin, otp_code

Kitchen ready alert is LAN-safe and can run without external providers.

ops_alert_v1telegram
owner -> ops_alert -> Telegram Bot APIConsent: false / audit: trueLAN fallback: falseBlocked fields: telegram_bot_token, webhook_secret, database_url, firebase_service_account

Operations alerts can report status, never secret values.