Everything you should do before you start sending authentication emails with Resend and Supabase.
supabase.co
domain for your project, and uses that domain for the links in your authentication emails (e.g., verify email, reset password).
Once you are ready to go live, though, it is important to setup a custom domain. The key benefit here is to align the domains used in your from
address and the links in your emails. Especially for something as sensitive as email verification and magic links, giving confidence to the inbox providers that the origin of the email and the links in the body are the same can be very impactful.
This changes your links from:
auth.yourdomain.com
for your authentication emails, you are communicating to the inbox provider that all emails from this subdomain are related to sending authentication emails.
This clarity is essential because it helps the inbox provider understand that this subdomain is not used for sending marketing emails, which are more likely to be marked as spam.
notifications.yourdomain.com
).GET
request on all links in the body of the email. This type of scan can be problematic since Supabase Auth links are single-use.
To get around this problem, consider altering the email template to replace the original magic link with a link to a domain you control. The domain can present the user with a “Sign-in” button, which redirects the user to the original magic link URL when clicked.