When enabled, every email (auth flows andDocumentation Index
Fetch the complete documentation index at: https://docs.insforge.dev/llms.txt
Use this file to discover all available pages before exploring further.
emails.send() calls) routes through your SMTP server. Toggle off to revert; credentials are preserved.
Concepts
Provider is resolved on every send, so saves take effect on the next request. InsForge runstransporter.verify() before saving, so a persisted config always works. Passwords are encrypted at rest with AES-256-GCM and never returned by the API.
Usage
Configure SMTP under Authentication → Email.Enter credentials
Host, port (
25, 465, 587, 2525), username, password, sender email, sender name. Private IPs and self-signed certs are rejected.From: header is always your configured sender. SDK callers cannot spoof it.
Email templates
Templates render locally fromemail.templates. Variables use {{ variable }} and are HTML-escaped.
| Template | When it sends |
|---|---|
email-verification-code | New-user verification with a 6-digit code |
email-verification-link | New-user verification with a clickable link |
reset-password-code | Password reset with a 6-digit code |
reset-password-link | Password reset with a clickable link |
{{ token }} (code templates), {{ link }} (link templates, must start with http:// or https://), {{ name }} and {{ email }} (all templates).
Considerations
- Rate limiting. Min interval (seconds) caps per-recipient frequency. Sends within the cooldown return HTTP
429. Defaults to60;0disables. - SSRF protection. Private, loopback, link-local, and carrier-NAT ranges are rejected.
- Audit log. Config saves log
UPDATE_SMTP_CONFIG; template edits logUPDATE_EMAIL_TEMPLATE.
More resources
- Messaging overview for the routing model.
- nodemailer SMTP transport for connection options.
- Authentication overview for the flows that emit these emails.