Connection readiness

Everything needed to wire RFJ into a real operating platform.

This page is the implementation checklist for connecting auth, encrypted data, payments, contracts, messaging, and AI without turning on unsafe fake workflows.

Connect

Auth

Magic-link/MFA provider, secure sessions, owner/client/prospect roles, RBAC middleware.

Connect

Database

Postgres/Prisma schema, encrypted PII fields, backups, audit-log table.

Connect

Payments

Stripe hosted invoices/checkout, deposits, rent ledger, webhook verification.

Connect

Contracts

E-sign provider or native signing flow, contract templates, signed PDF storage.

Connect

Messaging

Telnyx/SMS and transactional email provider, consent/opt-out, owner alert routing.

Connect

AI concierge

Approved knowledge base, escalation rules, conversation summaries, owner notifications.

Connect

Security

HTTPS/HSTS, secret management, field-level encryption, least-privilege API keys.

Connect

Compliance

Fair Housing, FCRA, California/local/HOA, privacy, accessibility, SMS/email compliance.

Environment contract

Required before live workflows.

DATABASE_URL

RFJ_FIELD_ENCRYPTION_KEY

RFJ_SESSION_SECRET

PAYMENT_PROVIDER_SECRET

PAYMENT_WEBHOOK_SECRET

RFJ_OWNER_EMAIL

RFJ_OWNER_PHONE

API contract

Routes to wire next.

POST /api/prospect/inquiries — Create encrypted inquiry, send owner alert draft, return booking status.

GET /api/owner/inquiries — Owner-only inquiry pipeline with audit trail.

POST /api/owner/inquiries/:id/decision — Approve, request info, decline, or advance to screening.

POST /api/payments/create-invoice — Owner-approved Stripe-hosted invoice only.

POST /api/contracts/create — Generate contract package from approved booking.

POST /api/messages/concierge — AI concierge response + escalation summary.

POST /api/maintenance/tickets — Guest maintenance ticket with urgency classification.