Better-Auth x Inbound plugin
I'm building an Inbound Email plugin for Better Auth that automatically sends transactional emails for security/auth events. Before I publish it, I wanted to confirm I'm not missing any important events.
Currently supporting these events via
| Event | Endpoint(s) | Description |
|-------|------------|-------------|
| Password Changed |
| Email Changed |
| New Device Sign-in |
| Account Created |
| 2FA Enabled/Disabled |
Questions:
Currently supporting these events via
after hooks:| Event | Endpoint(s) | Description |
|-------|------------|-------------|
| Password Changed |
POST /change-password | User changes their password || Email Changed |
POST /change-email | User updates their email address || New Device Sign-in |
POST /sign-in/email, /sign-in/social, /sign-in/magic-link, /sign-in/passkey | Login from unrecognized device/IP || Account Created |
POST /sign-up/email, /sign-up/social | New user registration || 2FA Enabled/Disabled |
POST /two-factor/enable, /two-factor/disable | TOTP/2FA status changes |Questions:
- **Are there other security-critical events I should be listening for?** For example:
- Account deletion?
- Session revocation (
/revoke-session)? - Failed login attempts?
- OAuth/social account linking/unlinking?
- Password reset requests (currently disabled by default since Better Auth handles sending those)?
- Account lockout?
- Is there a canonical list of all Better Auth API endpoints that trigger user-facing actions? I want to make sure I'm covering the important ones.
- **For the `after` hooks, is this the correct pattern to check for success?**```tsif (returned?.status !== 200) return;```
- **Is there a recommended way to detect session/account context** in the hook handler? Currently parsing from `ctx.context.session` or `ctx.context.newSession`.
inbound
the modern email infrastructure platform for developers. receive, parse, and manage inbound emails with powerful apis, webhooks, and real-time processing.
