​

Go-Live Checklist

​

What you’ll learn

• Every configuration that needs to be verified before go-live
• Common issues that cause launch-day problems
• How to validate each area

​

Provider Configuration

• All providers have production credentials — staging credentials will not work in production. Switch each provider from staging to production API keys
• Connection tests pass for every provider — go to Settings, Providers, and click Test Connection on each active provider
• Timeout and retry settings are tuned — production providers may have different response times than staging. Set timeouts to at least 30 seconds and max retries to 3
• Batch mode is configured correctly — if your screening provider supports category batch mode, verify it is enabled to avoid redundant API calls

​

Verification Flows

• All flows are tested end-to-end — run each flow with realistic sample data in the staging environment and verify every node produces expected results
• Decision logic is correct — verify that auto-approve, manual review, and rejection paths all route correctly
• Error paths are handled — test what happens when a provider is unavailable or returns an error. Verify that failed checks generate appropriate alerts in Case Management
• Screening thresholds are set for production — testing thresholds (70%) may be too loose for production. Review and tighten as needed (80-90%)

​

Webhooks

• Webhook endpoint URL is configured — provide Zenoo with your production webhook URL
• Webhook secret is stored securely — stored in an environment variable or secrets manager, not hardcoded
• Signature verification is implemented — your endpoint validates the X-Zenoo-Signature header on every incoming request
• Endpoint responds within 30 seconds — test under load to verify your endpoint does not time out
• Idempotency is implemented — your handler uses journey_id + event_type to deduplicate events

​

Branding

• Logo uploaded — correct format (PNG/SVG), correct dimensions, transparent background
• Brand colors set — primary, background, text, and accent colors match your brand guidelines
• Welcome message customized — clear, professional, and explains what the customer needs
• Completion message customized — does not reveal the verification outcome
• Email templates customized — invitation, reminder, and confirmation emails use your brand voice
• Mobile preview tested — verify the experience looks correct on mobile devices

​

Case Management

• Compliance team has access — all analysts, reviewers, and officers have the correct permission sets assigned
• SLA thresholds configured — verify SLA due dates, warning periods, and auto-escalation rules match your policy
• Reviewer assignments set up — senior reviewers and escalation targets are configured
• Auto-triage settings reviewed — if enabled, verify which alert types are auto-triaged and auto-disposed
• Audit trail is working — create a test case, resolve it, and verify the full audit trail is captured

​

Team & Permissions

• Team members are invited — all users who need access have active accounts
• Roles are assigned correctly — analysts, senior reviewers, and officers have the right permission levels
• Escalation paths are clear — each analyst has a manager configured for auto-escalation
• Notification preferences are set — email notifications and in-app notifications are enabled for relevant events

​

Monitoring & Alerts

• SLA monitoring is scheduled — the nightly SLA batch job is active and will run daily
• Error alerting is configured — you will be notified if a provider goes down or a critical flow fails
• Analytics dashboards are accessible — team leads and compliance officers can view the analytics hub

​

Final Steps

​

What’s next?