Verification Checklist
Confirm your Resend setup is complete and working — account, domain, API key, Supabase secret, and a real test email sent and verified.
Work through each item in order. Every checkbox must pass before you consider Resend fully set up. Do not move on to building edge functions that depend on email until this checklist is complete.
Step 1 — Account
- Resend account created at resend.com
- Signed in with GitHub (or email verified if you used email signup)
- Resend dashboard is accessible and showing the Overview screen
How to confirm: You can log in at resend.com and see the Overview, Emails, Domains, API Keys, and Webhooks sections in the left sidebar.
Step 2 — Domain
Choose the path that applies to your current project:
For Training Projects (Using Resend's Development Domain)
- Confirmed you will use
onboarding@resend.devas the "from" address for all development sends - Understand this address works for testing but cannot be used for a client-facing production app
The resend.dev domain is specifically designed for this. Emails from it are real emails that arrive in real inboxes. It is not a simulation. You can send to your own Gmail, Outlook, or any other email address and receive the email normally. Use it freely during development.
For Production Projects (Custom Domain)
- Domain added in Resend dashboard → Domains
- Region set to
ap-south-1(for Indian apps) - SPF record added to domain registrar (Type: TXT, Host:
@) - DKIM record(s) added to domain registrar (Type: TXT, Host:
resend._domainkey) - DMARC record added to domain registrar (Type: TXT, Host:
_dmarc) - Clicked "Verify DNS Records" in Resend after DNS propagation
- Domain status shows "Verified" with green checkmarks for all records
If domain shows "Pending" after 2 hours:
- Go to your domain registrar → DNS Management
- Confirm all three records are present with the exact values Resend specified
- Look for leading/trailing spaces in the values (common copy-paste issue)
- Confirm you saved the records — some registrars require a separate "Save" step
- Click "Verify DNS Records" again in Resend
Step 3 — API Key
- API key created in Resend dashboard → API Keys
- Key named clearly (includes project name and environment)
- Key copied immediately after creation
- Key saved to VaultMate: category "API Key", title "Resend API Key — [Project Name]"
- Key added as a Supabase secret named
RESEND_API_KEY
To confirm the Supabase secret is set:
You should see RESEND_API_KEY in the output. The value will be hidden — that is correct behavior. Supabase never shows secret values after they are set.
If you don't see it: Run the set command again:
The API key must be in Supabase secrets, not .env. If you put it in .env and your .env file is not in .gitignore, you risk accidentally committing it to Git. A Git commit containing an API key is a security incident — keys must be rotated immediately. Always store secrets in the right place from the start.
Step 4 — Send a Test Email
This is the most important verification step. Writing the code is theory. Receiving the email is proof.
Create a Minimal Test Edge Function
In your project, create supabase/functions/test-email/index.ts:
Important: Replace 'your.email@gmail.com' with your actual email address before running.
Deploy and Invoke the Function
Or invoke it from the Supabase dashboard:
- Left sidebar → Edge Functions
- Click
test-email - Click "Invoke" at the top right
- Add the
Authorization: Bearer YOUR_ANON_KEYheader - Click "Send"
- Test edge function created
- Function deployed successfully
- Function invoked without errors
- Response shows
{ "success": true, "emailId": "..." } - Email arrived in your inbox (check spam folder if not in inbox)
Step 5 — Verify in Resend Dashboard
- Opened Resend dashboard → "Emails" in left sidebar
- Found the test email in the list (sorted by most recent)
- Status shows "Delivered"
- Clicked the email row and confirmed delivery events show the full chain: Accepted → Delivered
If status shows "Bounced": The email address you sent to is not receiving emails. Check that you typed your own email address correctly in the test function.
If status shows "Pending" for more than 2 minutes: This is unusual. Check Resend's status page at status.resend.com for any ongoing incidents.
If the email arrived in your spam folder: This is normal when sending from onboarding@resend.dev to an inbox for the first time. Production emails from your verified domain will have much better inbox placement. Mark the test email as "Not spam" and proceed.
Step 6 — Clean Up
- Deleted the test edge function or marked it for removal before production deploy
The test function should not exist in production. It has a very basic auth check and no rate limiting. Delete it:
Full Setup Summary
If every checkbox above is ticked, you have:
| Component | Status |
|---|---|
| Resend account | Created and accessible |
| Sending domain | Verified (or dev domain confirmed for training) |
| API key | Created, saved to VaultMate, added as Supabase secret |
| Test email | Sent, delivered, visible in Resend dashboard |
You are ready to write production email-sending edge functions. All future Resend integration work happens in the Backend module.
Quick Reference — Things to Remember
| Rule | Why |
|---|---|
| Copy the API key immediately when created | Resend shows it only once |
Store the key in Supabase secrets, not .env | Edge functions use Supabase secrets; .env could be committed to Git |
| Send from a verified domain in production | Inbox providers reject email from unverified senders |
Use onboarding@resend.dev for development | No DNS setup required; works immediately |
| Check Resend dashboard → Emails when delivery fails | Every send is logged with full delivery history |
| Rotate the key if it is ever exposed | Create new key → update Supabase secret → revoke old key |
| One key per project | Limits the blast radius if a key is ever compromised |
Where to Go From Here
Resend is configured. The actual edge functions that send fee payment confirmations, KYC notifications, and teacher welcome emails are built in the Backend + Database module under "Edge Functions in Practice."
The Resend SDK documentation is at resend.com/docs — the API reference covers every parameter the resend.emails.send() function accepts, including attachments, CC, BCC, reply-to, and scheduled sends.