> ## Documentation Index
> Fetch the complete documentation index at: https://docs.genie-app.de/llms.txt
> Use this file to discover all available pages before exploring further.
# Built-in AI and email
> Apps you build with Genie can use AI text generation and send email out of the box — no separate OpenAI or Resend account required. Bring your own keys whenever you want more control.
When your app needs to generate text with AI or send an email, it normally has to talk to an outside service like OpenAI or Resend, and each of those services requires you to sign up, verify your details, and create an API key before anything works. Genie removes that step. Every project with **Genie Cloud** enabled comes with working credentials for these services already wired in, so AI features and transactional email work the first time Genie builds them — without you registering anywhere.
Built-in AI and email require **Genie Cloud** to be connected to your project. If it is not enabled yet, see [Genie Cloud](/cloud/overview) to set it up first.
## What you get out of the box
When Genie Cloud is provisioned for your project, Genie automatically adds a set of ready-to-use credentials to your project [secrets](/projects/secrets). You do not have to create them, and you do not have to paste them anywhere — Genie's generated code reads them on its own.
Generate text, summaries, chat replies, and other AI content. Backed by OpenAI through Genie.
Send transactional email — confirmations, notifications, contact-form messages — through Resend.
Run machine-learning models for tasks like classification or image work through Hugging Face.
These show up in your **Secrets** tab as the following entries, already filled in:
| Secret | What it powers |
| ---------------- | ---------------------------- |
| `OPENAI_API_KEY` | AI text generation |
| `RESEND_API_KEY` | Sending email |
| `HF_TOKEN` | Hugging Face model inference |
You will also see matching `OPENAI_BASE_URL`, `RESEND_BASE_URL`, and `HF_ENDPOINT` entries. These tell your app to route requests through Genie. Leave them as they are unless you are switching to your own key (see [Bringing your own key](#bringing-your-own-key) below).
Just describe what you want — "summarise each support ticket", "email me when someone submits the form", "tag uploaded photos" — and Genie builds the feature using these built-in credentials. You do not need to mention API keys at all.
## How it works
Your app never holds a real OpenAI or Resend key. Instead, the credentials Genie seeds are **project-specific access tokens** that point at Genie's secure relay. When your app makes a request:
Your generated code calls OpenAI, Resend, or Hugging Face as normal, using the seeded credentials.
The request reaches Genie, which verifies it belongs to your project and then forwards it to the real provider using Genie's own provider key.
The provider's reply is passed straight back to your app, unchanged. AI responses stream token by token just as they would directly.
This design keeps the real provider keys on Genie's side — they are never placed in your project where they could be read or leaked — while still attributing every request to your project so usage can be measured fairly.
## Usage and limits
The built-in credentials are included with Genie Cloud at no extra, per-request charge today. Each request your app makes through them is **recorded** — provider, endpoint, status, and timing — so Genie can monitor the service and so usage can be attributed to your project. That recorded usage is **not currently metered or billed back to you per request**: it does not draw down your [credits](/billing/credits) and does not appear as a line item on your invoice.
The practical limit on the built-in credentials is a **per-project rate limit** (a cap on requests per minute), not a usage charge. Normal app traffic stays well under it; if you expect heavy, sustained volume, bring your own key or contact support to raise the limit.
Per-request metering and billing for built-in AI and email usage may be introduced in the future. If that changes, it will be reflected here and on the [Credits](/billing/credits) and [Plans](/billing/plans) pages. To keep your costs fully predictable and under your own control, [bring your own key](#bringing-your-own-key) — those requests are billed by the provider directly to you.
## Limits of the built-in credentials
The included credentials are tuned for the common case — getting features working instantly and affordably. A few constraints come with that:
### AI model
The built-in OpenAI credential is limited to Genie's default model, which is selected to be fast and cost-effective for typical app features. If your app requests a different model, the request is rejected. To use a specific or more powerful model, [bring your own OpenAI key](#bringing-your-own-key).
### Email sender address
Email sent through the built-in Resend credential must use Genie's verified sending address:
```
noreply@email.genie-app.de
```
If you try to send from any other address, the request is rejected with a clear message. This is because email providers only allow sending from domains that have been verified, and `email.genie-app.de` is the domain Genie has verified for shared use. To send from **your own** address or domain — for example `hello@yourcompany.com` — [bring your own Resend key](#bringing-your-own-key).
If your app's emails need to come from your own brand's address, set up your own Resend key before launch. The built-in sender is great for testing and internal notifications, but recipients will see `noreply@email.genie-app.de` as the sender.
## Bringing your own key
You can replace any of the built-in credentials with your own at any time. This is the right move when you want a specific AI model, your own email domain, your own usage limits, or provider billing in your own account.
Sign up with [OpenAI](https://platform.openai.com), [Resend](https://resend.com), or [Hugging Face](https://huggingface.co) and create an API key. For Resend, verify your sending domain in their dashboard first.
In your project, open **Settings → Secrets**. See [Secrets](/projects/secrets) for details.
Edit the relevant secret — `OPENAI_API_KEY`, `RESEND_API_KEY`, or `HF_TOKEN` — and paste your own key in place of the built-in one.
Save the secret. Genie automatically updates the matching base-URL entry to point at the provider directly, so your app talks to the provider with your key instead of going through Genie's relay. No code changes are needed.
Once you have switched, requests for that provider go straight from your app to the provider, are billed to your own account, and are no longer subject to Genie's model allowlist, sender-address restriction, or rate limit. The other built-in credentials you did not change keep working as before.
Switching back to the built-in credential later is done by re-running provisioning for the project (the **Re-run bootstrap** button in the **Cloud** tab re-seeds the built-in values). A dedicated one-click reset is on the roadmap.
## Troubleshooting
| What you see | Likely cause | What to do |
| ------------------------------------------------- | -------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------- |
| AI requests fail with an "invalid model" error | Your app asked for a model the built-in credential does not allow | Switch the feature to Genie's default model, or [bring your own OpenAI key](#bringing-your-own-key) |
| Email is rejected with a sender/domain error | The app is sending from an address other than `noreply@email.genie-app.de` | Use the built-in sender address, or bring your own Resend key with a verified domain |
| A service stops working after you edited a secret | The built-in credential was changed or cleared by mistake | Re-run bootstrap from the **Cloud** tab to restore the built-in values, or paste a valid key of your own |
| Requests start failing under heavy load | You hit the per-project rate limit | Reduce request volume, bring your own key, or contact support to raise the limit |
Ask Genie in the project chat — "why is my email failing?" or "switch my app to my own OpenAI key" — and it can inspect your secrets and the relevant code and walk you through the fix.