Resend Inbox
Storage and environment
Configure S3-compatible storage, auth, and optional API access.
Required environment variables
APP_ORIGIN=https://inbox.example.com
RESEND_API_KEY=re_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
RESEND_WEBHOOK_SECRET=whsec_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
DEFAULT_MAILBOX=support@example.com
S3_BUCKET=resend-inbox
S3_REGION=us-east-1
AWS_ACCESS_KEY_ID=replace-me
AWS_SECRET_ACCESS_KEY=replace-me
AUTH_REQUIRED=true
AUTH_COOKIE_SECRET=replace-with-a-long-random-secret
OWNER_EMAIL=owner@example.com
AUTH_SENDER_EMAIL=noreply@example.com
AUTH_SENDER_NAME=Resend InboxOptional environment variables
S3_ENDPOINT=https://s3.example.com
S3_FORCE_PATH_STYLE=true
AWS_SESSION_TOKEN=replace-me
API_TOKEN=replace-with-a-long-random-api-token
PORT=3000Storage model
The app stores:
- raw
.emlsource, - normalized message JSON,
- attachment files,
- sent-message records,
- reply-alias lookup records,
- per-inbox sender settings.
The object layout matches the Cloudflare variant so the product behavior remains consistent across providers.
Auth model
OWNER_EMAIL is the only address allowed to request browser magic links. It is also the address that receives forwarded inbound messages.
Set API_TOKEN only when you need machine access to /api/* routes.