Skip to main content

Email Links And Verification

How Handlet uses email links for verification, recovery, and secure callbacks.

Handlet uses Supabase Auth email links for account verification and recovery flows where configured.

Callback handling

Email links return to the app callback route. The callback exchanges the token for a session, then redirects based on account state.

Local testing

Local Supabase exposes a local email testing inbox when Supabase is running. Use that inbox to test confirmation and recovery links without sending real email.

Operational notes

  • Keep link expiry aligned with security expectations.
  • Avoid logging full callback URLs or tokens.
  • Confirm that NEXT_PUBLIC_SITE_URL matches the environment being tested.
  • Use the app mailer separately for product emails such as team invitations.
© 2026 Handlet. All rights reserved.

AI Assistance: Handlet currently uses AI for intent recognition and, where enabled, social post support. AI output can be wrong and should be checked before use. Learn More