Delivery Setup
Own Auth Delivery is an optional managed service that sends magic links, verification emails, password resets, and organisation invitations.
When to use Delivery
Use Delivery if you don't want to set up an email provider. Instead of configuring SMTP credentials, you add a single delivery key and Own Auth handles the sending, queueing, and retries.
Use your own email provider if you need full control over email infrastructure, custom sender domains from day one, or if you'd rather not depend on a managed service.
1. Create a Delivery account
Create a Delivery account and open the Own Auth dashboard. This is separate from the own-auth package because Delivery is a managed service with its own dashboard.
2. Create an app
In the dashboard, create an app. The app name should match the product because it appears in emails sent to its users.
3. Configure link mode
In the Settings tab, under Link mode, choose how auth links in emails should work.
| Mode | Behavior |
|---|---|
| My URLs | Links point directly to the configured website, localhost, or app URL. Add every accepted root under Allowed URLs. |
| Own Auth hosted | Links point to go.own-auth.com before continuing to the website or app destination saved in the dashboard. Set the destination URL and an optional fallback URL. |
See Hosted Links for hosted-link setup.
4. Get your delivery key
Go to the Keys tab and create a delivery key. Copy the key because it's shown once.
OWN_AUTH_EMAIL_DELIVERY_KEY=oad_...5. Configure Own Auth
In your auth.ts, configure managed email delivery with the delivery key. Set baseUrl to the website or app URL used to build auth links.
import { OwnAuthManagedEmailProvider, createOwnAuth } from "own-auth";
export const auth = createOwnAuth({
tokenPepper: process.env.OWN_AUTH_TOKEN_PEPPER,
baseUrl: "https://app.example.com",
emailProvider: new OwnAuthManagedEmailProvider({
deliveryKey: process.env.OWN_AUTH_EMAIL_DELIVERY_KEY
})
});That's it. Calls to requestMagicLink, requestEmailVerification, requestPasswordReset, and inviteMember now send email through Delivery instead of requiring your own email provider.
Send Auth Emails
await auth.requestMagicLink({
email: "user@example.com",
redirectUrl: "/dashboard"
});| Own Auth method | |
|---|---|
| requestMagicLink | Magic-link sign in |
| requestEmailVerification | Email verification |
| requestPasswordReset | Password reset |
| inviteMember | Organisation invitation |
What Delivery does
Delivery sends auth emails. That's it. Specifically:
- Receives the email request from the
own-authpackage running in your backend. - Sends the email with the auth link.
- Queues and retries on temporary failures.
- Logs the delivery status (accepted, delivered, failed).
What Delivery does not do
Delivery does not:
- Create users.
- Verify tokens.
- Create sessions.
- Touch your database.
- Store your user data.
- Make auth decisions.
Your backend runs own-auth, which creates the token and builds the auth URL. Delivery receives that URL and sends it in an email. The own-auth package in your backend does all the auth work.
Local Development
A delivery key works in local development and sends real emails. Delivery does not provide a sandbox mode. Use a local mail catcher through a custom email provider when development messages should remain on the local machine.
Use Your Own Email Provider
To stop using Delivery, replace OwnAuthManagedEmailProvider with an EmailProvider implementation backed by the email service or SMTP client used by the application. Auth method calls do not change.
import { createOwnAuth, type EmailProvider } from "own-auth";
const emailProvider: EmailProvider = {
async send(message) {
await emailClient.send({
from: "My App <no-reply@example.com>",
to: message.to,
subject: "Continue to My App",
html: `<a href="${message.url}">Continue</a>`
});
}
};
export const auth = createOwnAuth({
tokenPepper: process.env.OWN_AUTH_TOKEN_PEPPER,
baseUrl: "https://app.example.com",
emailProvider
});Next Step
Review Delivery Logs, or configure Hosted Links for a managed website or app bridge.