How to Send Emails from Shopify Flow Using Amazon SES

Sign in to the AWS console and open Amazon SES (search “SES” if you don’t see it).

Before anything else, pick your region using the selector in the top-right corner, somewhere close to your customers is a good default. This matters more than it looks: your verified identities, your SMTP credentials, and the SMTP endpoint are all region-specific and have to match. A credential created in us-east-1 won’t work against the eu-west-1 endpoint. Whatever you pick here, stay in it for the rest of the setup, and note it down.

SES won’t send mail from an address it hasn’t confirmed you control. In the SES console, go to Configuration → Identities and click Create identity.

Verifying a domain is the better choice: it lets you send from any address on that domain (orders@, hello@, and so on) and improves deliverability. Enter your domain, and SES gives you a set of DNS records (DKIM CNAMEs, and optionally records for a custom MAIL FROM) to add at your DNS host. Add them and wait for SES to mark the domain Verified, usually minutes, occasionally up to 48 hours.

Verifying a single email address is the quick alternative: pick that option, enter the address, and click the confirmation link SES emails you. You’ll only be able to send from that exact address.

Every new SES account (per region) starts in the sandbox, where you can only send to addresses you’ve also verified, with very low limits. That’s fine for testing but useless for real customer email, so you’ll want to leave it.

In the SES console, open Account dashboard and use the Request production access option. You’ll describe what you’re sending (choose Transactional), your website, and how you handle bounces and complaints. Approval is often quick but can take a day. Once you’re in production, you can send to any recipient, though your From address still has to be a verified identity from the previous step.

This is the step people get wrong, so read it carefully: SES SMTP credentials are not your AWS account password and not your IAM access keys. They’re a dedicated pair you generate specifically for SMTP.

In the SES console, go to SMTP settings, then click Create SMTP credentials. AWS creates a behind-the-scenes user with send permission and gives you an SMTP username (a string that looks like an access key) and an SMTP password (a longer string). Copy or download both now, the password is shown only once, and if you lose it you’ll have to generate a new pair.

The same SMTP settings page also shows your SMTP endpoint for this region, something like email-smtp.us-east-1.amazonaws.com. Note it down with your credentials.

Pulling the previous step together, here’s what you’ll enter into FlowRelay:

• Host: your region’s endpoint, e.g. email-smtp.us-east-1.amazonaws.com
• Port: 587 (STARTTLS) or 465 (SSL). If your network blocks those, SES also listens on 2587 and 2465
• Username: the SMTP username from the credentials you created
• Password: the SMTP password from those same credentials (not the IAM secret key)

Install FlowRelay from the Shopify App Store and accept the requested permissions.

On first launch, FlowRelay shows a short setup checklist: set your sender name and email, connect a provider, and send a test email. The next step covers connecting SES over SMTP.

In FlowRelay, open Settings, find Email delivery, and click Manage providers to open the Connect email provider dialog.

Pick SMTP from the provider list and fill in your SES details: the region endpoint as the host, port 587 (or 465), the SMTP username, and the SMTP password. FlowRelay tests the connection before saving it, so a region/endpoint mismatch or wrong credentials shows up immediately rather than after your first real send.

Make sure the sender address FlowRelay uses (in its sender details, or in Override sender) is one your SES identity covers, the exact verified email address, or any address on your verified domain. SES rejects mail from a From address it doesn’t recognize.

Click Connect. Whichever provider you connect first becomes your Primary, and FlowRelay routes all outbound mail through it. You can connect a second provider later as an automatic Fallback.

Open Shopify Flow, create a new workflow, and pick a trigger (Order created is a common one to start with). Add the Send transactional email action; it shows up in the action list once FlowRelay is installed.

You’ll need to fill in a few fields on the action: an email address for the recipient (this can pull straight from the trigger, like the customer’s email), a subject line, and the body, which is the actual HTML content of the email. There’s also an optional preview text field for the snippet shown in inbox previews. For the body, you can write plain HTML or use Liquid to pull in order details, customer names, and other data from the workflow.

Save the workflow and turn it on.

Before you trust a live trigger, use the Send test email button in FlowRelay’s settings. It confirms SES is wired up correctly and shows you where the message lands. If you’re still in the sandbox, send this test to an address you’ve verified, otherwise SES will reject it.

Once that test email arrives, run your Flow workflow under real conditions, like placing a test order, and check FlowRelay’s delivery log to confirm the email went out through SES and see its delivery status.