Phaxio Go‑Live — One‑Pager

Organization: ___ Environment: Dev / Staging / Prod Date: _______

Contacts

  • Owner: _____ On‑call: _____ Provider Account: _______

Accounts & Legal

  • Phaxio account active (console access verified)
  • BAA executed (if handling PHI)
  • Provider document storage disabled (HIPAA)

Faxbot Configuration

  • FAX_BACKEND=phaxio
  • PHAXIO_API_KEY and PHAXIO_API_SECRET set
  • PUBLIC_API_URL uses HTTPS (resolves publicly)
  • Callback URL set to <PUBLIC_API_URL>/phaxio-callback
  • Signature verification enabled: PHAXIO_VERIFY_SIGNATURE=true (HIPAA)
  • API_KEY set; clients send X-API-Key

Security

  • ENFORCE_PUBLIC_HTTPS=true (HIPAA)
  • PDF_TOKEN_TTL_MINUTES set appropriately (default 60)
  • Audit logging enabled per policy (if required)

Networking

  • DNS and TLS valid (no warnings)
  • Callback reachable from internet

Smoke Test

  • Admin Console → Send: test PDF to known number
  • Status updates received via /phaxio-callback
  • Pages count matches expectations

Runbooks

  • Callback failure → verify signature header, endpoint reachability, secrets
  • PDF fetch failure → check token/TTL and PUBLIC_API_URL

Approvals

  • Security sign‑off:
  • Operations sign‑off:

References: Phaxio API v2.1 (create/send, webhooks), HIPAA — see Third‑Party page.

Copyright © 2024 Faxbot. Distributed under the MIT License.