Integrations
Integrations & sales channels
OS Kitchen centralizes incoming orders without pretending unsupported channels are live. Connect real credentials when you're ready — or rehearse with simulated demo data.
Capability matrix
Statuses are engineering-sourced — not a legal warranty. Marketplace, payments, and hardware features require your configuration, partner contracts, and operational verification.
| Capability | Status | What works | Honest gaps / prerequisites |
|---|---|---|---|
| WooCommerce order import | Beta | Signed webhooks, catalog sync hooks, normalized external orders when configured. | High-volume sites should enable WEBHOOK_ASYNC_QUEUE + cron worker — see webhook architecture doc. |
| Shopify order import | Beta | Signed webhooks for orders/products; tenant routing via shop domain. Async queue supported when WEBHOOK_ASYNC_QUEUE=true (same worker as WooCommerce). | End-to-end production certification is tenant-specific — validate HMAC, topics, and idempotency per shop. |
| Uber Eats marketplace | Partner access required | Adapter + staging paths exist for evaluation; not a certified production Uber integration. | Requires Uber partnership, legal review, and live signing contract before marketing as available. |
| Uber Direct dispatch | Roadmap | Routing placeholders and documentation only. | No live courier dispatch — do not promise Uber-branded delivery without Uber Direct onboarding. |
| DoorDash | Roadmap | Preparation-only integration page; no live quote, delivery, or import. | Treat any UI mention as placeholder until a signed integration program exists. |
| Grubhub | Roadmap | Preparation-only integration page; no live menu sync or order ingestion. | Credentials do not unlock live provider traffic — placeholder-only by design. |
| Stripe Checkout (billing & storefront) | Not available | Server SDK paths for subscriptions and storefront checkout when keys + webhook secret exist. | LIVE requires real production charges, reconciliation, and monitoring — not auto-certified here. |
| Stripe Terminal (hardware) | Roadmap | OS Kitchen POS uses first-party flows — not Stripe Terminal SDK. | No Stripe reader certification in-repo; external terminal mode refers to OS Kitchen counter UX only. |
| Stripe billing webhooks (async / outbox) | Design-ready | Production today uses synchronous Stripe webhook handling with existing idempotency guards where implemented. | Async billing ingestion requires an approved outbox + idempotency migration — documented only in this release pass; do not claim async Stripe until shipped. |
| Resend email | Not available | Transactional templates when API key + from address configured. | Deliverability (SPF/DKIM) and bounce handling are operator responsibility. |
| SMS notifications | Not available | Channel enum placeholder only. | No production SMS provider wired — disable any marketing claim of SMS alerts. |
| Google Maps | Not available | Embeds when server key present. | Quota, billing, and key restrictions live in Google Cloud console. |
| OpenAI | Roadmap | Optional model-backed assist when key present; deterministic fallbacks otherwise. | Enterprise DPA / data processing terms are separate from OS Kitchen software readiness. |
| POS offline mode | Beta | Cash / mark-paid sales queue in IndexedDB by default and sync with idempotent replay when online. | Card capture and certified hardware offline are not shipped; inventory conflicts may require manual review. |
| Native storefront | Beta | Preorder surfaces, themes, Stripe-backed checkout when configured. | Large catalog performance and SEO should be validated per deployment. |
| Custom domain / vanity host | Setup-ready | Middleware rewrite paths when DNS + env secrets configured. | Certificate and DNS ownership are operator-side responsibilities. |
| CSV import / export | Partial | Moderate-size CSV flows via import center and exports. | Huge files need object storage + background workers — see background jobs doc. |
| Workspace API keys | Beta | Developer surface issues keys for authenticated automation where implemented. | Public API rate limits and audit coverage continue to harden — see security doc. |
| Webhook replay | Beta | Audited replay for WooCommerce/Shopify when async queue or inline path applies; platform operators need platform:integrations:repair. | Replay can duplicate commerce side effects if partner idempotency keys are absent — treat as break-glass. Stripe billing webhooks remain synchronous until async outbox ships (see capability matrix). |
| SSO (SAML/OIDC) | Roadmap | — | Enterprise roadmap — trust page must not imply SSO is live. |
| SCIM directory sync | Roadmap | — | Not implemented. |
| SOC 2 certification | Roadmap | Operational and security foundations documented. | No formal SOC2 attestation is claimed by OS Kitchen in product copy. |
| DPA / export / delete workflows | Partial | Legal templates + policy gating via LEGAL_POLICIES_PUBLISHED; data-rights pages describe process. | Legal counsel must approve production copy; automated self-serve DSR pipeline is partial. |