Skip to main content

Overview

The Notifications API manages real-time alerts for vulnerability assignments, status changes, comments, and team activity. Notifications appear in the dashboard header and provide quick navigation to relevant resources.

Server Actions

getNotifications

Retrieve recent notifications for the authenticated user. Returns:
success
boolean
Whether the operation succeeded
data
object
Notification data object
Example: 
import { getNotifications } from '@/app/actions/notifications'

const result = await getNotifications()

if (result.success) {
  const { notifications, unreadCount } = result.data
  console.log(`You have ${unreadCount} unread notifications`)
}

markAsRead

Mark a specific notification as read.
notificationId
string
required
The ID of the notification to mark as read
Returns:
success
boolean
Whether the operation succeeded
Example: 
import { markAsRead } from '@/app/actions/notifications'

const result = await markAsRead('notif_123')

markAllAsRead

Mark all unread notifications as read for the current user. Returns:
success
boolean
Whether the operation succeeded
Example: 
import { markAllAsRead } from '@/app/actions/notifications'

const result = await markAllAsRead()

deleteNotification

Delete a specific notification.
notificationId
string
required
The ID of the notification to delete
Returns:
success
boolean
Whether the operation succeeded
Example: 
import { deleteNotification } from '@/app/actions/notifications'

const result = await deleteNotification('notif_123')

createNotification

Create a new notification (typically used by other server actions).
data
object
required
Notification data object
data.userId
string
required
ID of the user to notify
data.type
string
required
Notification type (e.g., VULNERABILITY_ASSIGNED, STATUS_CHANGED, COMMENT_ADDED)
data.title
string
required
Notification title
data.message
string
required
Notification message body
data.link
string
Optional link to related resource
Returns:
success
boolean
Whether the operation succeeded
data
object
The created notification object
Example: 
import { createNotification } from '@/app/actions/notifications'

const result = await createNotification({
  userId: 'user_123',
  type: 'VULNERABILITY_ASSIGNED',
  title: 'New vulnerability assigned',
  message: 'CVE-2024-1234 has been assigned to you',
  link: '/dashboard/vulnerabilities/vuln_123'
})

Notification Types

Triggered when a vulnerability is assigned to a user. Includes link to the vulnerability detail page.
Triggered when a vulnerability status changes (e.g., OPEN → IN_PROGRESS → RESOLVED). Notifies assigned user and vulnerability creator.
Triggered when someone comments on a vulnerability the user is involved with (created or assigned to).
Triggered when a non-admin user creates a vulnerability that requires admin approval.

Notification Schema

Each notification object contains: 
interface Notification {
  id: string
  type: string
  title: string
  message: string
  read: boolean
  link?: string
  userId: string
  createdAt: Date
}

Security

  • All notification operations are scoped to the authenticated user
  • Users can only access their own notifications
  • createNotification is used internally by other server actions
  • Revalidates dashboard cache after mutations

Integration Example

// In vulnerability assignment action
import { createNotification } from '@/app/actions/notifications'
import { sendEmail } from '@/lib/email'

export async function assignVulnerability(vulnId: string, userId: string) {
  // ... assign vulnerability logic ...
  
  // Create notification
  await createNotification({
    userId,
    type: 'VULNERABILITY_ASSIGNED',
    title: 'New vulnerability assigned',
    message: `${vulnerability.title} has been assigned to you`,
    link: `/dashboard/vulnerabilities/${vulnId}`
  })
  
  // Send email notification
  await sendEmail({
    to: user.email,
    subject: 'New vulnerability assigned',
    template: 'vulnerability-assigned',
    data: { vulnerability, user }
  })
}

Vulnerabilities

Assignment triggers notifications

Comments

Comments trigger notifications

Build docs developers (and LLMs) love

Get started for freeTalk to us