Skip to contentSkip to navigation

Delivery Setup

Own Auth Delivery is an optional managed service that sends magic links, verification emails, password resets, and organisation invitations.

When to use Delivery

Use Delivery if you don't want to set up an email provider. Instead of configuring SMTP credentials, you add a single delivery key and Own Auth handles the sending, queueing, and retries.

Use your own email provider if you need full control over email infrastructure, custom sender domains from day one, or if you'd rather not depend on a managed service.

1. Create a Delivery account

Create a Delivery account and open the Own Auth dashboard. This is separate from the own-auth package because Delivery is a managed service with its own dashboard.

2. Create an app

In the dashboard, create an app. The app name should match the product because it appears in emails sent to its users.

4. Get your delivery key

Go to the Keys tab and create a delivery key. Copy the key because it's shown once.

.env
OWN_AUTH_EMAIL_DELIVERY_KEY=oad_...

5. Configure Own Auth

In your auth.ts, configure managed email delivery with the delivery key. Set baseUrl to the website or app URL used to build auth links.

auth.ts
import { OwnAuthManagedEmailProvider, createOwnAuth } from "own-auth";

export const auth = createOwnAuth({
  tokenPepper: process.env.OWN_AUTH_TOKEN_PEPPER,
  baseUrl: "https://app.example.com",
  emailProvider: new OwnAuthManagedEmailProvider({
    deliveryKey: process.env.OWN_AUTH_EMAIL_DELIVERY_KEY
  })
});

That's it. Calls to requestMagicLink, requestEmailVerification, requestPasswordReset, and inviteMember now send email through Delivery instead of requiring your own email provider.

Send Auth Emails

ts
await auth.requestMagicLink({
  email: "user@example.com",
  redirectUrl: "/dashboard"
});
Own Auth methodEmail
requestMagicLinkMagic-link sign in
requestEmailVerificationEmail verification
requestPasswordResetPassword reset
inviteMemberOrganisation invitation

What Delivery does

Delivery sends auth emails. That's it. Specifically:

  • Receives the email request from the own-auth package running in your backend.
  • Sends the email with the auth link.
  • Queues and retries on temporary failures.
  • Logs the delivery status (accepted, delivered, failed).

What Delivery does not do

Delivery does not:

  • Create users.
  • Verify tokens.
  • Create sessions.
  • Touch your database.
  • Store your user data.
  • Make auth decisions.

Your backend runs own-auth, which creates the token and builds the auth URL. Delivery receives that URL and sends it in an email. The own-auth package in your backend does all the auth work.

Local Development

A delivery key works in local development and sends real emails. Delivery does not provide a sandbox mode. Use a local mail catcher through a custom email provider when development messages should remain on the local machine.

Use Your Own Email Provider

To stop using Delivery, replace OwnAuthManagedEmailProvider with an EmailProvider implementation backed by the email service or SMTP client used by the application. Auth method calls do not change.

auth.ts
import { createOwnAuth, type EmailProvider } from "own-auth";

const emailProvider: EmailProvider = {
  async send(message) {
    await emailClient.send({
      from: "My App <no-reply@example.com>",
      to: message.to,
      subject: "Continue to My App",
      html: `<a href="${message.url}">Continue</a>`
    });
  }
};

export const auth = createOwnAuth({
  tokenPepper: process.env.OWN_AUTH_TOKEN_PEPPER,
  baseUrl: "https://app.example.com",
  emailProvider
});

Next Step

Review Delivery Logs, or configure Hosted Links for a managed website or app bridge.