Security News
Socket Security Analysis Is Now One Click Away on npm
npm now links to Socket's security analysis on every package page. Here's what you'll find when you click through.
By Sarah Gooding - Feb 19, 2026
New: Introducing PHP and Composer Support.Read the Announcement →
paubox-node
Advanced tools
Paubox NodeJS
This is the official NodeJS wrapper for the Paubox Email API.
The Paubox Email API allows your application to send secure, compliant email via Paubox and track deliveries and opens. The API wrapper allows you to construct and send messages.
Table of Contents
- Installation
- Usage
- Supported Node Versions
- Contributing
- License
- Copyright
Further documentation can be found at docs.paubox.com.
Installation
Using npm:
npm install --save paubox-node
Getting Paubox API Credentials
You will need to have a Paubox account. You can sign up here.
Once you have an account, follow the instructions on the Rest API dashboard to verify domain ownership and generate API credentials.
Configuring API Credentials
Include your API credentials in your environment file.
Your "API Username" comes from your unique API endpoint.
Base URL: https://api.paubox.net/v1/<USERNAME>
echo "API_KEY='YOUR_API_KEY'" > .env
echo "API_USERNAME='YOUR_ENDPOINT_NAME'" >> .env
echo ".env" >> .gitignore
Or pass them as parameters when creating emailService
const pbMail = require('paubox-node');
const pauboxConfig = {
apiUsername: 'your-api-username',
apiKey: 'your-api-key',
};
const service = pbMail.emailService(pauboxConfig);
Usage
To send email, prepare a Message object and call the sendMessage method of emailService.
Send Message
Please also see the API Documentation.
Please also see Sending a Dynamically Templated Message for sending a message using a dynamic template.
'use strict';
require('dotenv').config();
const pbMail = require('paubox-node');
const service = pbMail.emailService();
var options = {
from: 'sender@domain.com',
to: ['recipient@example.com'],
subject: 'Testing!',
text_content: 'Hello World!',
html_content: '<html><head></head><body><h1>Hello World!</h1></body></html>',
};
var message = pbMail.message(options);
service
.sendMessage(message)
.then((response) => {
console.log('Send Message method Response: ' + JSON.stringify(response));
})
.catch((error) => {
console.log('Error in Send Message method: ' + JSON.stringify(error));
});
Allowing non-TLS message delivery
If you want to send non-PHI mail that does not need to be HIPAA compliant, you can allow the message delivery to take place even if a TLS connection is unavailable.
This means the message will not be converted into a secure portal message when a nonTLS connection is encountered. To do this, include allowNonTLS: true in the options, as shown below:
'use strict';
require('dotenv').config();
const pbMail = require('paubox-node');
const service = pbMail.emailService();
var options = {
allowNonTLS: true,
from: 'sender@domain.com',
to: ['recipient@example.com'],
subject: 'Testing!',
text_content: 'Hello World!',
html_content: '<html><head></head><body><h1>Hello World!</h1></body></html>',
};
var message = pbMail.message(options);
Forcing Secure Notifications
Paubox Secure Notifications allow an extra layer of security, especially when coupled with an organization's requirement for message recipients to use 2-factor authentication to read messages (this setting is available to org administrators in the Paubox Admin Panel).
Instead of receiving an email with the message contents, the recipient will receive a notification email that they have a new message in Paubox.
'use strict';
require('dotenv').config();
const pbMail = require('paubox-node');
const service = pbMail.emailService();
var options = {
forceSecureNotification: 'true',
from: 'sender@domain.com',
to: ['recipient@example.com'],
subject: 'Testing!',
text_content: 'Hello World!',
html_content: '<html><head></head><body><h1>Hello World!</h1></body></html>',
};
var message = pbMail.message(options);
Adding the List-Unsubscribe Header
The List-Unsubscribe header provides the recipient with the option to easily opt-out of receiving any future communications. A more detailed explanation and usage guide for this header can be found at our docs here.
This header can be used by adding the list_unsubscribe: '<Email Unsubscribe Address>, <Web Unsubscribe URL' and list_unsubscribe_post: 'List-Unsubscribe=One-Click' key-value pairs to the options object as follows:
'use strict';
require('dotenv').config();
const pbMail = require('paubox-node');
const service = pbMail.emailService();
var options = {
from: 'sender@domain.com',
to: ['recipient@example.com'],
subject: 'Testing!',
text_content: 'Hello World!',
html_content: '<html><head></head><body><h1>Hello World!</h1></body></html>',
list_unsubscribe:
'<mailto: unsubscribe@example.com?subject=unsubscribe>, <http://www.example.com/unsubscribe.html>',
list_unsubscribe_post: 'List-Unsubscribe=One-Click',
};
var message = pbMail.message(options);
Adding Attachments and Additional Headers
'use strict';
require('dotenv').config();
const pbMail = require('paubox-node');
const service = pbMail.emailService();
var attachmentContent = Buffer.from('Hello! This is the attachment content!').toString('base64');
var options = {
from: 'sender@domain.com',
reply_to: 'reply_to@domain.com',
to: ['recipient@example.com'],
bcc: ['recipient2@example.com'],
cc: ['recipientcc@example.com'],
subject: 'Testing!',
text_content: 'Hello World!',
html_content: '<html><head></head><body><h1>Hello World!</h1></body></html>',
attachments: [
{
fileName: 'HelloWorld.txt',
contentType: 'text/plain',
content: attachmentContent,
},
],
};
var message = pbMail.message(options);
Send Bulk Messages
Please also see the API Documentation.
We recommend batches of 50 (fifty) or less. Source tracking ids are returned in order messages appear in the messages array.
'use strict';
require('dotenv').config();
const pbMail = require('paubox-node');
const service = pbMail.emailService();
// Create a Message for Alice
var messageAlice = pbMail.message({
from: 'sender@domain.com',
to: ['alice@example.com'],
subject: 'Hello Alice!',
text_content: 'Hello Alice!',
html_content: '<html><head></head><body><h1>Hello Alice!</h1></body></html>',
});
// Create a Message for Bob
var messageBob = pbMail.message({
from: 'sender@domain.com',
to: ['bob@example.com'],
subject: 'Hello Bob!',
text_content: 'Hello Bob!',
html_content: '<html><head></head><body><h1>Hello Bob!</h1></body></html>',
});
service
.sendBulkMessages([messageAlice, messageBob])
.then((response) => {
console.log('Send Message method Response: ' + JSON.stringify(response));
})
.catch((error) => {
console.log('Error in Send Message method: ' + JSON.stringify(error));
});
The same options as the sendMessage method are available for the sendBulkMessages method.
Get Email Disposition
Please also see the API Documentation.
The SOURCE_TRACKING_ID of a message is returned in the response of the sendMessage method. To check the status for any email, use its source tracking id and call the getEmailDisposition method of emailService:
'use strict';
require('dotenv').config();
const pbMail = require('paubox-node');
const service = pbMail.emailService();
service.getEmailDisposition('SOURCE_TRACKING_ID').then(function (response) {
console.log('Get Email Disposition method Response: ' + JSON.stringify(response));
});
Dynamic Templates
Create Dynamic Template
Please also see the API Documentation.
You can create a dynamic template by passing in a string, a file Buffer, or file Stream.
'use strict';
require('dotenv').config();
const pbMail = require('paubox-node');
const service = pbMail.emailService();
const templateName = 'your_template_name';
const templateContent = '<html><body><h1>Hello {{firstName}}!</h1></body></html>';
service.createDynamicTemplate(templateName, templateContent).then(function (response) {
console.log('Create Dynamic Template method Response: ' + JSON.stringify(response));
});
In a simple express app, this could look something like this:
require('dotenv').config();
const pbMail = require('paubox-node');
const service = pbMail.emailService();
app.post('/api/create-dynamic-template', upload.single('templateFile'), async (req, res) => {
try {
const { templateName } = req.body;
const templateFile = req.file;
const content = templateFile.buffer;
const response = await service.createDynamicTemplate(templateName, content);
res.json(response);
} catch (error) {
res.status(500).json({ error: error.message });
}
});
Update Dynamic Template
Please also see the API Documentation.
You can update a dynamic template's content and/or name:
'use strict';
require('dotenv').config();
const pbMail = require('paubox-node');
const service = pbMail.emailService();
const templateId = 123; // You would get this from the listDynamicTemplates method (see below)
const templateName = 'New Name';
const templateContent = '<html><body><h1>Hello {{firstName}}!</h1></body></html>'; // New content
service.updateDynamicTemplate(templateId, templateName, templateContent).then(function (response) {
console.log('Update Dynamic Template method Response: ' + JSON.stringify(response));
});
// Or just update the content
service.updateDynamicTemplate(templateId, null, templateContent).then(function (response) {
console.log('Update Dynamic Template method Response: ' + JSON.stringify(response));
});
In a simple express app, this could look something like this:
require('dotenv').config();
const pbMail = require('paubox-node');
const service = pbMail.emailService();
app.patch(
'/api/update-dynamic-template/:templateId',
upload.single('templateFile'),
async (req, res) => {
try {
const { templateId } = req.params;
const { templateName } = req.body;
const templateFile = req.file;
const content = templateFile.buffer;
const response = await service.updateDynamicTemplate(templateId, templateName, content);
res.json(response);
} catch (error) {
res.status(500).json({ error: error.message });
}
},
);
Delete Dynamic Template
Please also see the API Documentation.
'use strict';
require('dotenv').config();
const pbMail = require('paubox-node');
const service = pbMail.emailService();
const templateId = 123; // You would get this from the listDynamicTemplates method (see below)
service.deleteDynamicTemplate(templateId).then(function (response) {
console.log('Delete Dynamic Template method Response: ' + JSON.stringify(response));
});
Get Dynamic Template
Please also see the API Documentation.
'use strict';
require('dotenv').config();
const pbMail = require('paubox-node');
const service = pbMail.emailService();
const templateId = 123; // You would get this from the listDynamicTemplates method (see below)
service.getDynamicTemplate(templateId).then(function (response) {
console.log('Get Dynamic Template method Response: ' + JSON.stringify(response));
});
List Dynamic Templates
Please also see the API Documentation.
'use strict';
require('dotenv').config();
const pbMail = require('paubox-node');
const service = pbMail.emailService();
service.listDynamicTemplates().then(function (response) {
console.log('List Dynamic Templates method Response: ' + JSON.stringify(response));
});
Send a Dynamically Templated Message
Please also see the API Documentation.
For example, assume you have a dynamic template named welcome_email with the following content:
<html>
<body>
<h1>Welcome {{firstName}} {{lastName}}!</h1>
</body>
</html>
You can send a message using this template by doing the following:
'use strict';
require('dotenv').config();
const pbMail = require('paubox-node');
const service = pbMail.emailService();
const templateName = 'welcome_email';
const templateValues = {
firstName: 'John',
lastName: 'Doe',
};
var templatedMessage = pbMail.templatedMessage({
from: 'sender@domain.com',
to: ['recipient@example.com'],
subject: 'Welcome!',
template_name: templateName,
template_values: templateValues,
});
service
.sendTemplatedMessage(templatedMessage)
.then((response) => {
console.log('Send Templated Message method Response: ' + JSON.stringify(response));
})
.catch((error) => {
console.log('Error in Send Templated Message method: ' + JSON.stringify(error));
});
Supported Node Versions
Currently supported Node versions are:
- Node v22.16.x (LTS Jod)
- Node v24
Contributing
See CONTRIBUTING.md
License
See LICENSE
Copyright
Copyright © 2025, Paubox, Inc.
FAQs
A Node.js module for the Paubox Transactional Email API.
We found that paubox-node demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 24 Jun 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Cline CLI npm Package Compromised via Suspected Cache Poisoning Attack
A compromised npm publish token was used to push a malicious postinstall script in cline@2.3.0, affecting the popular AI coding agent CLI with 90k weekly downloads.
By Sarah Gooding - Feb 18, 2026
Product
Socket Brings Supply Chain Security to skills.sh
Socket is now scanning AI agent skills across multiple languages and ecosystems, detecting malicious behavior before developers install, starting with skills.sh's 60,000+ skills.
By Wenxin Jiang, Alexandros Kapravelos - Feb 17, 2026