Thrive Pilot

Description

A Next.js pilot platform for a coaching program: admin-managed onboarding (invite → consent), secure mentor ↔ participant messaging (Twilio SMS + inbound/status webhooks), and Garmin data ingestion (OAuth connect + Health API webhooks). Built on Supabase Auth + RLS with a weekly report pipeline and background email queue.

• Next.js
• TypeScript
• Supabase (Auth + RLS)
• Twilio
• Garmin Health API
• Resend
• OpenAI
• Sentry
• Vercel

Challenges

Designing a workflow that’s safe by default (invite → consent → messaging), enforcing permissions via Supabase RLS across multiple roles (admin/mentor/participant), and integrating external systems safely (Twilio signature-verified webhooks, Garmin OAuth + push webhooks) without losing data integrity or auditability.

Solution

A Next.js app backed by Supabase for auth/data (with RLS), plus a set of focused API routes for operational workflows: admin invites store participant metadata, consent acceptance creates the participant record, SMS send persists messages and Twilio webhooks keep threads/statuses in sync, Garmin connection flows ingest wearable metrics, and weekly reports are generated from metrics/templates with an admin revision step (optionally assisted via LLM) and sent through a queued email pipeline.

Outcome

A working pilot with clear API boundaries and production-minded ops (idempotent webhook writes, audit logs, and cron-driven queue processing), ready for iteration: tightening UX, expanding analytics/reporting, and hardening based on real participant/mentor feedback.