Mail Service API
The Mail Service provides secure email sending capabilities across your organization’s applications. It supports configurable SMTP settings and various email templates for different use cases including authentication, password reset, account creation, user invitations, and security alerts.Base URL
All endpoints are prefixed with/api/v1
Authentication
All endpoints require authentication via Bearer token with specific scopes:SEND_MAIL- Required for sending emailsFETCH_CONFIG- Required for updating SMTP configuration
Architecture Overview
The Mail Service is built on a Node.js backend with MongoDB for data persistence. It uses a container-based dependency injection pattern with InversifyJS for better modularity. The service leverages configurable SMTP settings to send emails through various providers and integrates with:- Configuration Manager - Manages SMTP provider configurations
- Authentication Service - Provides JWT token validation
- MongoDB - Stores email metadata and tracking information
Key Features
- Template-Based Emails - Pre-built templates for common use cases
- SMTP Configuration - Flexible SMTP provider support
- Email Tracking - Maintains records of sent emails
- Authentication Integration - Secure token-based access
- Attachment Support - File attachment capabilities
- CC/BCC Support - Multiple recipient management
Supported Email Templates
The Mail Service includes built-in templates for:- Login with OTP - One-time password authentication emails
- Reset Password - Password reset link emails
- Account Creation - Welcome emails for new users
- App User Invite - User invitation emails
- Suspicious Login Attempt - Security alert notifications
API Endpoints
Email Operations
Email Operations
Core email sending functionality with template support and SMTP configuration management.
POST /emails/sendEmail - Send Email
POST /emails/sendEmail - Send Email
Send an email using configured SMTP settings and specified template.
- Request
- Response
- Error Responses
Endpoint:
Email Template Types:
POST /api/v1/emails/sendEmailAuthentication: Requires scoped token with SEND_MAIL scopeRequest Body Parameters:| Parameter | Type | Required | Description |
|---|---|---|---|
| emailTemplateType | string | Yes | Type of email template (loginWithOTP, resetPassword, accountCreation, appuserInvite, suspiciousLoginAttempt) |
| sendEmailTo | string[] | Yes | Array of recipient email addresses |
| subject | string | Yes | Email subject line |
| templateData | object | Yes | Data to populate the email template |
| sendCcTo | string[] | No | Array of CC recipient email addresses |
| attachments | object[] | No | Array of email attachments |
| fromEmailDomain | string | No | Override sender email domain |
| productName | string | No | Product name for branding |
| isAutoEmail | boolean | No | Flag indicating automated email |
loginWithOTP- One-time password authenticationresetPassword- Password reset emailsaccountCreation- New account welcome emailsappuserInvite- User invitation emailssuspiciousLoginAttempt- Security alert emails
templateData object should contain template-specific variables. Common fields include:userName- Recipient’s namecompanyName- Organization nameotp- One-time password (for OTP emails)resetLink- Password reset URL (for reset emails)inviteLink- Invitation URL (for invite emails)
POST /updateSmtpConfig - Update SMTP Configuration
POST /updateSmtpConfig - Update SMTP Configuration
Update the SMTP configuration for the mail service.
- Request
- Response
- Error Responses
Endpoint:
POST /api/v1/updateSmtpConfigAuthentication: Requires scoped token with FETCH_CONFIG scopeRequest Body Parameters:
No request body required. The configuration is loaded from the Configuration Manager service.SMTP Configuration Schema:
The SMTP configuration includes:host- SMTP server hostnameport- SMTP server port (default: 587)username- SMTP authentication username (optional)password- SMTP authentication password (optional)fromEmail- Default sender email address
Middleware and Validation
The Mail Service implements several middleware layers for security and validation:SMTP Configuration Checker
Validates that SMTP configuration is properly set before allowing email operations:- Checks for required SMTP settings (host, port, fromEmail)
- Ensures configuration completeness
- Prevents email sending without proper setup
JWT Token Validation
Validates Bearer tokens for authentication:- Verifies token signature and validity
- Extracts user information from token payload
- Ensures proper authorization for operations
Container-Based Architecture
Uses InversifyJS dependency injection for:- Service lifecycle management
- Configuration updates without service restart
- Modular component organization
Email Template System
The service uses Handlebars templating engine with:Template Structure
- Layouts - Main email structure templates
- Partials - Reusable template components (header, footer, head)
- Helpers - Custom Handlebars helpers for conditional rendering
Template Features
- Responsive email design
- Consistent styling across templates
- Dynamic content population
- Conditional content rendering
- Task table support for structured data
Styling System
Automated styling injection includes:- Container and table styling
- Mobile-responsive design
- Button and form styling
- Consistent color scheme and typography
Schema Definitions
- Mail Info Schema
- Mail Body Schema
- SMTP Config Schema
- Email Template Types
- Mail Config Schema
Error Handling
All endpoints return structured error responses:- SMTP Not Configured - Service requires SMTP configuration before sending emails
- Invalid Template - Unknown email template type specified
- Authentication Failed - Invalid or missing JWT token
- Email Send Failure - SMTP server errors or network issues
- Invalid Recipients - Malformed email addresses
- Missing Required Fields - Required parameters not provided
Email Delivery Process
-
Configuration Validation
- Verify SMTP configuration exists
- Validate authentication credentials
- Check required fields
-
Template Processing
- Select appropriate email template
- Populate template with provided data
- Apply styling and formatting
- Handle conditional content
-
Email Composition
- Set sender and recipient information
- Attach files if provided
- Configure email headers
- Apply SMTP settings
-
Delivery and Tracking
- Send email via configured SMTP provider
- Record email metadata in database
- Return delivery confirmation
- Handle delivery errors gracefully
Security Considerations
- Token-Based Authentication - All endpoints require valid JWT tokens with appropriate scopes
- SMTP Credential Protection - Passwords are not returned in API responses
- Input Validation - Email addresses and template data are validated
- Error Handling - Sensitive information is not exposed in error messages
- Container Security - Dependency injection prevents unauthorized access to services
Important Notes
- SMTP Configuration Required - Email sending requires proper SMTP configuration
- Template Data Validation - Template data must match expected template variables
- Email Tracking - All sent emails are automatically logged in MongoDB
- Attachment Support - Files can be attached using base64 encoding
- Responsive Templates - Email templates are mobile-responsive by default
- Error Recovery - Service handles SMTP failures gracefully without crashing
- Configuration Updates - SMTP settings can be updated without service restart
- Token Scopes - Different operations require different token scopes for security