Dependencies
Before setting up the plugin, ensure you have the following dependencies:- A MongoDB database for storing notification templates and records
- Access to the Kafka instance used by the FlowX.AI Engine
- A Redis instance for caching notification templates
- An S3-compatible file storage solution (for example MinIO) if you need to attach documents to notifications
Authorization configuration
The Notifications plugin validates incoming tokens with the JWT public key mechanism. It does not initiate service-to-service calls, so it has no service-account client registration:MongoDB configuration
The only thing that needs to be configured is the DB access info, the rest will be handled by the plugin.Redis configuration
Notification Plugin uses Redis for caching. Configure Redis connection using the standard Redis environment variables. Quick reference:Both
SPRING_DATA_REDIS_* and SPRING_REDIS_* variable prefixes are supported. The SPRING_DATA_REDIS_* prefix is the modern Spring Boot standard and is recommended for new deployments.For advanced Redis deployment modes (Sentinel, Cluster) and SSL/TLS setup, see the Redis Configuration guide. Note that Sentinel and Cluster modes are only supported by the Events Gateway service.
Kafka configuration
Core Kafka settings
Consumer error handling
OAuth authentication (when using SASL_PLAINTEXT)
When using the
kafka-auth profile, the security protocol will automatically be set to SASL_PLAINTEXT and the SASL mechanism will be set to OAUTHBEARER.Topic naming configuration
Topic configurations
Each action in the service corresponds to a Kafka event on a specific topic. Configure the following topics:OTP topics
Notification topics
Audit topic
Resource usages topics
File storage configuration
Based on use case you can use directly a file system or an S3 compatible cloud storage solution (for example min.io). The file storage solution can be configured using the following environment variables:When using S3-compatible storage for notifications with attachments, the S3 user configured through
APPLICATION_FILESTORAGE_S3_ACCESSKEY and APPLICATION_FILESTORAGE_S3_SECRETKEY must have read access to multiple buckets beyond its own:Required bucket access:- Own bucket - defined by
APPLICATION_FILESTORAGE_S3_BUCKETPREFIX - Documents Plugin bucket - defined in the Documents Plugin configuration via
APPLICATION_FILESTORAGE_S3_BUCKETPREFIX - CMS Core public bucket - defined in the CMS Core configuration via
APPLICATION_FILESTORAGE_S3_BUCKETNAME - Integration Designer bucket - defined in the Integration Designer configuration via
APPLICATION_FILESTORAGE_S3_BUCKETPREFIX
SMTP setup
The Notifications plugin sends email over SMTP only. It does not support Microsoft 365 / Microsoft Graph authentication (Azure AD client secret or certificate). To send through Microsoft 365, configure a Microsoft Outlook data source in the Integration Designer — that path runs through the email-gateway and uses the MS Graph API. See Microsoft Outlook.
Advanced SMTP options
The notification plugin sends email through the simple-java-mail library, which auto-binds everysimplejavamail.* property — set them as environment variables the same way as the values above. The options below come up most often when connecting to corporate SMTP relays:
For the full list of available properties (connection pooling, embedded image resolution, and more), see the simple-java-mail configuration reference.
Email attachments configuration
Configure handling of email attachments:OTP configuration
Configure One-Time Password generation and validation:Logging configuration
Control logging levels for different components:CAS lib configuration
Usage notes
Topic naming convention
Topics follow a standardized naming convention:- Example:
ai.flowx.plugin.notification.trigger.generate.otp.v1 - Structure:
{package}{environment}.{component}.{action}.{subject}.{version}
Consumer error handling
WhenKAFKA_CONSUMER_ERRORHANDLING_ENABLED is set to true:
- The application will retry processing failed messages according to
KAFKA_CONSUMER_ERRORHANDLING_RETRIES - Between retries, the application will wait for the duration specified by
KAFKA_CONSUMER_ERRORHANDLING_RETRYINTERVAL
KAFKA_CONSUMER_ERRORHANDLING_RETRYINTERVAL is set to 5000 (5 seconds) and KAFKA_CONSUMER_ERROR_HANDLING_RETRIES is set to 5, the consumer application will make up to 5 attempts, waiting 5 seconds between each attempt.
Message size configuration
TheKAFKA_MESSAGE_MAX_BYTES setting affects multiple Kafka properties:
spring.kafka.producer.properties.message.max.bytesspring.kafka.producer.properties.max.request.sizespring.kafka.consumer.properties.max.partition.fetch.bytes
OAuth authentication
When using the ‘kafka-auth’ profile, the security protocol changes to ‘SASL_PLAINTEXT’ and requires OAuth configuration via theKAFKA_OAUTH_* variables.
Ingress and CORS
The Notification plugin is exposed externally on the admin host. Routing is configured through the FlowX Helm chart, which renders either a Kubernetes Ingress (default) or a Gateway API HTTPRoute per service. CORS handling lives in the service code; only the allowed-origins list is deployment-specific.Service route
The path is set through
services.notification-plugin.ingress.admin.path (or services.notification-plugin.gateway.admin.paths) in the chart values.
CORS configuration
Allowed methods, allowed headers (including
Authorization, Content-Type, Fx-Workspace-Id), and credential handling are baked into the service’s application.yaml with safe defaults. Override these only if you have a non-standard requirement.
For the complete route reference, Gateway API HTTPRoute configuration, and route customization, see the ingress configuration guide.
Troubleshooting
Common issues
Notifications not being sent
Notifications not being sent
Symptoms: Notification requests are accepted but emails or messages are never delivered.Solutions:
- Verify Kafka topics are correctly configured and the notification plugin is consuming from
KAFKA_TOPIC_NOTIFICATION_INTERNAL_IN - Check SMTP configuration (
SIMPLEJAVAMAIL_SMTP_HOST, port, credentials) and ensure the SMTP server is reachable from the pod - If using the Email Gateway for forwarding, verify
KAFKA_TOPIC_NOTIFICATION_EXTERNAL_OUTis configured and the Email Gateway is running - Check application logs for delivery errors by setting
LOGGING_LEVEL_APPtoDEBUG
OTP generation fails
OTP generation fails
Symptoms: OTP requests return errors or no OTP is generated.Solutions:
- Verify OTP configuration values (
FLOWX_OTP_LENGTH,FLOWX_OTP_EXPIRETIMEINSECONDS) are set correctly - Check that Kafka topics
KAFKA_TOPIC_OTP_GENERATE_INandKAFKA_TOPIC_OTP_GENERATE_OUTare created and accessible - Ensure MongoDB is reachable and the notification plugin database has write permissions
- Verify Kafka consumer group
SPRING_KAFKA_CONSUMER_GROUPIDis not conflicting with another instance
Notification templates not rendering
Notification templates not rendering
Symptoms: Notifications are sent but contain raw template syntax or missing values.Solutions:
- Verify substitution tags in the template match the keys provided in the notification request payload
- Check that the Thymeleaf engine is functioning by reviewing logs at
LOGGING_LEVEL_THYMELEAFset toDEBUG - Ensure the template exists in MongoDB and is in the correct format
- Verify Redis cache is not serving stale templates — clear the cache or restart the plugin if templates were recently updated
Firebase push notifications not working
Firebase push notifications not working
Symptoms: Push notifications are not delivered to mobile devices.Solutions:
- Verify Firebase Cloud Messaging credentials are correctly configured
- Check that the target device has a valid FCM registration token
- Enable FCM client logging by setting
LOGGING_LEVEL_FCM_CLIENTtoDEBUGto inspect request/response details - Ensure network policies allow outbound HTTPS traffic to Firebase servers (
fcm.googleapis.com)
Related resources
Sending Notifications
Learn how to configure and send notifications from your processes
Email Gateway Setup
Configure the Email Gateway for inbound and outbound email processing
Redis Configuration
Complete Redis setup including Sentinel and Cluster modes

