Cloudflare Inbox

Email sign-in for the catch-all inbox, without adding a separate auth stack.

Enter the authorized email for this inbox. If it matches the configured forwarding address, the Worker sends a short-lived sign-in link and stores the session in an HTTP-only cookie.

Magic link

Sign-in links are sent only to the configured forwarding address and expire quickly.

Cookie session

Successful sign-ins issue a same-site cookie for the inbox page and protected JSON routes.

Open the protected inbox

Request a sign-in link for the authorized inbox email.

Need implementation details?Open docs