Agree / document how tokens should be rendered from outside core

Ideally we would have one recommended api way to do this. This would be a way that is usable via api explorer and all the ways we use the api and core code would be converted to do things using that same api method

There is a documentation pr here - at the moment I don't think it meets this need.

Permissions & non-workflow rendering There is a question as to whether the api would support non-workflow messaging (in which case the api would likely be more like Message::render(). The argument against is that the permissions are more complex. However some notes on that

the most common use case is probably when checkPermissions = FALSE in php code.
there is an appropriate permission already in core

render templates' => [
        $prefix . ts('render templates'),
        ts('Render open-ended template content. (Additional constraints may apply to autoloaded records and specific notations.)'),
      ],

currently the v3 MessageTemplate.send api allows access to the core function - it required a messageTemplateID to be set - but this can probably be faked to allow 'any text'

Edited Oct 20, 2021 by eileen

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information