Skip to main content
๐Ÿ””

Notifications Checklist for AI-Built Apps

Push, email, and in-app alerts

When you vibe code notifications with tools like Cursor, Lovable, Bolt, v0, or Claude Code, the generated code often works in development but misses critical production requirements. This checklist helps you catch what AI missed before you ship.

Danger Zone

high risk

The difference between helpful updates and getting banned for spam is thinner than you think

Sending a notification looks like one line of code. But actually doing it right means tracking what you already sent (so you don't spam), respecting user preferences across multiple channels, handling delivery failures gracefully, not waking people up at 3am, batching updates so one busy thread doesn't send 47 emails, and keeping track of what was delivered so you can debug "I never got that email" complaints. Miss any of this and you're either annoying users or missing critical alerts.

Failure scenario

Your app sends email notifications when someone comments. Works great at launch. Three months later, a popular thread gets 200 comments in an hour. Your code sends 200 individual emails to everyone watching that thread. Gmail flags you as spam. Now none of your emails โ€” including password resets โ€” reach anyone. Your domain reputation is tanked and takes months to recover.

Common mistakes

  • Sending the same notification twice because the code doesn't check what was already sent
  • No way for users to control what notifications they get โ€” it's all or nothing
  • Sending emails immediately for every event instead of batching updates from the same source
  • No rate limiting โ€” one active user or thread can trigger hundreds of notifications
  • Notifications going out at random times in user timezones (3am wake-up emails)
  • No tracking of what was delivered, so "I never got it" complaints are impossible to investigate

Time to break: 2-6 months before notification volume causes spam flags or user complaints

How are you building this?

Showing what to check when using a managed service

Audit Prompts

Copy these into your AI coding assistant to check your implementation.

Are you respecting user notification preferences?
reliability
Check how notification preferences work. Can users control what types of notifications they get? Are these preferences respected across all channels (email, push, SMS)? If someone unsubscribes from emails, do they actually stop getting them? Is there a record of what preferences each user has set? Are legal requirements (like unsubscribe links in emails) being followed?

Ignoring user preferences is how you get spam complaints. Too many complaints and email providers will block everything from your domain โ€” including critical emails like password resets.

Can the same event spam someone with notifications?
performance
Look at how we handle rapid-fire events. If 50 comments happen on one thread in an hour, does someone subscribed to that thread get 50 separate notifications? Is there batching (grouping updates together)? Is there a limit on how many notifications one user can get in a short time? What happens if someone mentions the same person 10 times in a row?

One busy user or thread shouldn't be able to flood everyone with notifications. Batching "50 new comments" into one notification is better UX and keeps you out of spam folders.

Are notification failures handled gracefully?
reliability
Check what happens when notifications fail. If an email bounces or a push notification can't be delivered, is it recorded? Does the system retry? If a notification service goes down temporarily, do queued notifications get lost or delivered later? Is there a way to see which notifications failed and why?

Email addresses change, phones get new numbers, push tokens expire. If failed notifications aren't tracked, users miss important updates and you can't debug why.

Are notifications timed reasonably?
reliability
Look at when notifications go out. Are time zones considered so users don't get emails at 3am? Are notifications batched so someone doesn't get woken up by multiple pings in the middle of the night? Can users set quiet hours? Are urgent notifications (like security alerts) distinguished from casual ones?

A 3am notification about a non-urgent comment is how you get uninstalls and bad reviews. Respecting time and urgency keeps users happy.

Checklist

0/10 completed

Smart Move

It depends

Notifications are tricky. For simple use cases (welcome emails, password resets), you can DIY with an email service. But if you need multi-channel (push + email + SMS), user preferences, batching, and delivery tracking, a service saves months of work. The breaking point is usually when you need push notifications or sophisticated preference management.

Knock

Handles email, push, SMS, and in-app notifications with user preferences and delivery tracking built in

10,000 notifications/month free

Novu

Open source notification infrastructure โ€” host it yourself or use their cloud, supports all channels

30,000 events/month free on cloud

OneSignal

Focused on push notifications for web and mobile โ€” great if that's your main channel

Unlimited push notifications on free tier

Customer.io

Better for lifecycle/marketing emails than transactional, includes segmentation and campaigns

Limited free tier for development

Tradeoffs

Services add another dependency and cost scales with volume. DIY gives full control but you're building preference management, delivery tracking, and batching yourself. If notifications are core to your product, a service is worth it. If it's just occasional emails, DIY is fine.

Did you know?

Email providers like Gmail and Outlook will block your entire domain if your spam complaint rate exceeds 0.3% โ€” that's just 3 complaints per 1,000 emails sent.

Source: Google Email Sender Guidelines 2024

Related Checks

โœ‰๏ธEmail

Send transactional and marketing emails

โšกLive Updates

Real-time sync without refreshing

๐Ÿ”Authentication

Sign up, log in, password reset, 2FA