> ## Documentation Index
> Fetch the complete documentation index at: https://support.bolt.new/llms.txt
> Use this file to discover all available pages before exploring further.
# Send emails from your Bolt app
> Send transactional and authentication emails from your Bolt app by connecting an email provider.
Many Bolt features rely on email to communicate with users. Common examples include authentication flows like email verification and password reset, along with application events like order confirmations and product updates.
In Bolt, email sending fits closely with your database configuration:
* Your database manages users and authentication
* Secrets stored in database settings protect sensitive credentials
* Server functions use those secrets to send email through external services
This guide explains how to connect an email service to your Bolt project so your application can send email securely and reliably.
You may only need to send email from your app code, or you may also want to send auth emails from your own domain. They're separate, so you can do one or both of the processes described here, depending on your needs.
## How email works with Bolt databases
When your project has a Bolt database, you have access to several interrelated features:
* [Authentication](/cloud/database/authentication) handles user sign-up, login, and password reset flows.
* [Secrets](/cloud/database/secrets) store sensitive values like API keys so they're never exposed to client code.
* [Server functions](/cloud/database/server-functions) run trusted server-side logic that can send email, call external APIs, and interact with your database.
Email services integrate through server functions using API keys stored as secrets in your database settings. This setup keeps credentials secure and ensures email logic runs on the server.
## Choose an email service
Before setting up email notifications, choose an email provider to deliver your messages. Popular options include:
* Resend (often used by Bolt by default)
* Mailgun
* Postmark
* SendGrid
Bolt server functions can work with any provider that exposes an HTTP API.
When choosing a service, consider:
* **Email volume**: how many messages you expect to send each month
* **Email type**: transactional messages, marketing campaigns, or both
* **Setup complexity**: how quickly you can create an account and generate an API key
### Let Bolt choose your email service
If you ask Bolt for email notifications without selecting a provider, Bolt typically uses Resend. It integrates cleanly with Bolt's infrastructure and requires minimal setup.
When Bolt uses Resend, the email infrastructure is prepared automatically, but you still need to add your own Resend API key so Resend can send emails on your behalf.
## Set up email notifications using a third-party service
The following steps use Resend, which is commonly used with Bolt. If you prefer, you can choose a different email service provider. Using a different provider changes only how you create the account and API key in Part 1.
### Prerequisites
Before a third-party service can send emails from your app, make sure you have:
* A [Bolt database](/cloud/database) in your project
* [Secrets](/cloud/database/secrets) set up in your project's database settings
* A [published](/cloud/hosting/publish) project with a [custom domain](/cloud/domains) attached
### Configure email notifications
1. Create an account at [https://resend.com/onboarding](https://resend.com/onboarding) using email, Google, or GitHub.
2. Follow Resend's API key documentation to create a new API key.
3. Copy the API key and store it securely. You may not be able to view it again later.
The key will look similar to the following: `re_CQmFPLaM_siCReVwuKEYvFXMRuSAMPLEz`
1. Open your Bolt project.
2. At the top center of the screen, click the **database icon**.
3. In the left navigation menu, click **Secrets**.
If Secrets doesn't appear, your project doesn't have a database yet.
4. Create a new secret with the following values:
* Name: `RESEND_API_KEY`\
The name is case-sensitive.
* Value: ``
5. Click **Create secret**.
This allows your server functions to authenticate with Resend and send email.
After adding your Resend API key to your Bolt project, add your published project domain to Resend.
1. Log in to your Resend account.
2. In the left menu, click **Domains**.
3. Click **Add Domain**.
4. Under **Name**, enter your primary Bolt domain. For example, `mysite.bolt.host`
5. Select your preferred region.
6. Click **Add Domain**.
7. Keep this page open, as you'll need the information in Part 4.
The final step in setup is to add the DNS records created by Resend to your project.
Where you add them depends on your domain setup:
* If your domain was created through Bolt, follow the steps below.
* If you registered it through a third-party registrar such as Namecheap, GoDaddy, or Cloudflare, add the records in that registrar's dashboard instead.
1. Log in and open any Bolt project.
2. In the top right of your screen, click your **profile icon**, then click **Settings**.
3. In the left navigation menu, click **Cloud**.
4. Scroll down to the **Custom domains** section and identify the domain you want to update.
5. On the right side of the domain's row, click the three dots, then click **Open domain settings**.
6. Click **Add new record**.
7. Select your record type, then fill in its values based on the information shown in the **Resend → Domains** page from Step 3.
8. Click **Save**.
9. Create additional Resend records as necessary.
After completing the steps above, email sending should start working once the domain records finish resolving. This usually takes 10 to 20 minutes, though in some cases it can take a few hours.
After giving your DNS records some time to resolve, you can verify the setup by:
* Triggering an email in your application and confirming it arrives
* Checking the Resend dashboard for delivery logs or errors
## Send Supabase auth emails from your own domain
The steps above cover emails your app sends from code, such as order confirmations and in-app notifications. If your project uses Bolt's [authentication features](/cloud/database/authentication) like email sign-up or password reset, there's a second type of email to consider: auth emails. Bolt's authentication is powered by Supabase, which can send auth emails automatically on your behalf. They include password reset links, email verification messages, and magic link sign-ins.
By default, Supabase routes auth emails through its address (`no-reply@mail.supabase.io`). To send them from your own domain instead, you configure custom SMTP (Simple Mail Transfer Protocol). SMTP is the standard protocol for sending email. Custom SMTP tells Supabase to route auth emails through your email provider rather than its default server.
If you want auth emails to come from your own domain, follow the steps below. If you only need to send application notifications and other custom emails from your app code, you set that up already in [Set up email notifications using a third-party service](#set-up-email-notifications-using-a-third-party-service).
### Prerequisites
Before you can send auth emails from your own domain, make sure you have:
* A [Bolt database](/cloud/database) in your project
* A [published](/cloud/hosting/publish) project with a [custom domain](/cloud/domains) attached
* A [Resend](https://resend.com) account with a verified custom domain
* A dedicated Resend API key for SMTP use
Steps 1 through 3 below walk you through the Resend and database setup if you haven't done it yet.
### Configure custom SMTP for Supabase auth emails
Custom SMTP requires your Supabase project to be under your own Supabase account. Bolt-managed databases run on shared Supabase infrastructure, where custom SMTP settings don't apply. Without this step, SMTP settings will appear to save correctly but auth emails will continue to come from Supabase's default address.
If your project is already connected to your own Supabase account rather than a Bolt-managed database, you can skip this step.
1. In your Bolt project, at the top center of the screen, click the **database icon**.
2. In the left navigation menu, click [**Advanced**](/cloud/database/advanced).
3. Click **Claim**.
4. Follow the prompts to transfer the Supabase project to your own Supabase account. Make sure you have an account at [supabase.com](https://supabase.com) and that your browser allows popups for bolt.new.
If the claim process doesn't complete or the Supabase window doesn't appear, do these steps before trying again:
1. Log out of both Bolt and Supabase, then log back in.
2. Under **Settings > Applications**, disconnect and reconnect the Supabase integration.
Your sender email address must use a domain you've verified in Resend. Verification proves you own the domain and authorizes Resend to send email from it. This is separate from any API key you may have already set up for app notifications.
1. Log in to your [Resend](https://resend.com) account.
2. In the left menu, click **Domains**.
3. Click **Add Domain**.
4. Enter your domain (for example, `yourdomain.com`), then click **Add**.
5. Add the DNS records Resend provides to your domain registrar. Wait until all records show as verified before continuing.
Create a separate API key specifically for SMTP. If you already have a Resend API key from setting up app notifications, don't reuse it. Keeping them separate makes it easier to manage permissions and debug issues later.
1. In your Resend dashboard, click **API Keys**.
2. Click **Create API Key**.
3. Give the key a descriptive name, such as `Supabase SMTP`.
4. Copy the key immediately and store it somewhere safe. You won't be able to view it again.
1. Open your Supabase project dashboard.
2. Navigate to **Authentication > Email > SMTP Settings**.
3. Turn on **Enable custom SMTP**.
4. Fill in the following values:
| Field | Value |
| ------------ | -------------------------------------------------------------------- |
| SMTP Host | `smtp.resend.com` |
| Port | `465` |
| Username | `resend` |
| Password | Your Resend SMTP API key from Step 3 |
| Sender email | An address at your verified domain, such as `noreply@yourdomain.com` |
The sender email must use the exact domain you verified in Resend in Step 2. If it doesn't match, Supabase won't be able to send through Resend.
5. Click **Save**.
Trigger an auth email in your application, such as a password reset request, and confirm it arrives from your custom domain. You can also check delivery logs in your Resend dashboard.
DNS changes and SMTP configuration can take a few minutes to take effect. If you don't receive emails right away, wait a few minutes and try again.
### Customize auth email templates
After you configure custom SMTP, you can also update the content of auth emails to match your branding. You can do this in two places:
* **In Bolt**: Go to **Database > [Authentication](/cloud/database/authentication#edit-email-templates) > Email**, then click **Edit email templates**.
* **In Supabase**: In your Supabase project, navigate to **Authentication > Email Templates**.
Both give you access to the same templates, including password reset, invite, magic link, and email verification.
## Troubleshooting
If the API key is missing or misconfigured, you may see the following error:
`The following secrets are used in the code but don't exist yet: RESEND_API_KEY`
If email isn't being delivered, check the following:
* Confirm the secret name is exactly `RESEND_API_KEY`
* Verify the API key value is correct and active
* Check your email quota with your provider
* Review your Bolt project logs for server function errors
### Mailgun example
The following example shows a server function sending email with Mailgun (as opposed to Resend) using fetch():
```text theme={"system"}
const res = await fetch(`https://api.mailgun.net/v3/${MAILGUN_DOMAIN}/messages`, {
method: "POST",
headers: {
Authorization: `Basic ${btoa(`api:${MAILGUN_API_KEY}`)}`,
},
body: new URLSearchParams({
from: "noreply@yourdomain.com",
to: email,
subject: "Hello from Mailgun",
text: "Your notification is working!",
}),
});
```