Customer Visibility¶

Customer visibility gives shippers and customer users controlled access to shipment status, timeline, POD, and enabled reports without exposing internal operational notes.

What Customer Users See¶

Customer portal login and session.
Shipment list and detail.
Customer-safe timeline.
Accepted POD descriptor access after operations review.
Enabled delivery-summary report access.
Download records and access audit.

What Tenant Admins Control¶

The /customer-portal/admin slice is designed for tenant administrators to manage customer portal users, customer account membership, notification preferences, and visibility rules.

Notification Direction¶

The current local slice includes provider-ready Resend/Twilio adapters with local-file proof for email, SMS, and WhatsApp delivery. Production sender credentials, callbacks, rate limits, and monitoring remain production readiness work.

Current Build Proof¶

The current build has local Phase 06 evidence for /customer-portal and /customer-portal/admin, including customer-scoped shipment APIs, accepted POD descriptor access, signed download streaming through MinIO/S3-compatible storage, access audit records, cross-customer denial, focused tests, and Chromium smoke.

Production notification credentials, production bucket policy and retention proof, customer invitation delivery, support readiness, and production/staging rollout remain separate gates.