Yes, you can manually handle the email delivery in an account recovery flow using the endpoint described at [createRecoveryCodeForIdentity](https://www.ory.sh/docs/reference/api#tag/identity/operation/createRecoveryCodeForIdentity). This endpoint (

POST /admin/recovery/code

) allows you (as an administrator) to generate a recovery code and a recovery link for a specific identity. The API response includes both the code and the link, along with their expiration time. You can then take this information and send it to the user via your own email system, rather than relying on Ory to send the email automatically. Here’s how the process works: 1. Call the endpoint with the user's identity ID (and optionally set the expiration time). 2. The response will contain: - `recovery_link`: A link the user can use to start the recovery process. - `recovery_code`: The code the user must enter to complete the recovery. - `expires_at`: When the code/link expires. 3. You send the

recovery_link

and/or

recovery_code

to the user using your own email system. Example response:

json {   "recovery_link": "/ui/recovery?flow=79686c66-e427-4c1b-861e-083572f97964",   "recovery_code": "76453943",   "expires_at": "2022-10-25T03:09:37.60684766Z" }

The user then visits the link and enters the code to recover their account. This approach gives you full control over the email content and delivery process, which is useful for custom workflows or branding requirements [Administrative account recovery](https://www.ory.sh/docs/kratos/manage-identities/account-recovery). Note: You need to authenticate as an admin (using an API key) to use this endpoint, and the endpoint is intended for administrative actions, not for end-user self-service flows. For more details, see the official documentation: [createRecoveryCodeForIdentity](https://www.ory.sh/docs/reference/api#tag/identity/operation/createRecoveryCodeForIdentity).

Yes, you can continue the recovery flow using REST calls after generating a recovery code and link with the admin endpoint. Here’s how the process works based on the knowledge sources: 1. Generate the recovery code and link using the admin endpoint (

POST /admin/recovery/code

). This gives you a

recovery_link

and a

recovery_code

for the user. You send these to the user manually (e.g., via your own email system) [Administrative account recovery](https://www.ory.sh/docs/kratos/manage-identities/account-recovery). 2. User visits the recovery link (e.g.,

/ui/recovery?flow=<flow-id>

) and is prompted to enter the recovery code. 3. Continue the flow via REST: The user (or your client application) can submit the recovery code using a REST call to the

/self-service/recovery

endpoint, including the

flow

query parameter (the flow ID from the link) and the code in the request body. For example:

bash    curl -X POST \      -H 'Content-Type: application/json' \      -H 'Accept: application/json' \      -d '{"method":"code","code":"76453943"}' \      "https://$<http://PROJECT_SLUG.projects.oryapis.com/self-service/recovery?flow=<flow-id|PROJECT_SLUG.projects.oryapis.com/self-service/recovery?flow=<flow-id>>"

This will continue the recovery flow and, if the code is valid, allow the user to reset their password or complete the recovery process [Submit recovery flow](https://www.ory.sh/docs/kratos/bring-your-own-ui/custom-ui-basic-integration#submit-recovery-flow). Summary: You can fully control the recovery process: generate the code and link, send them yourself, and then continue and complete the flow using REST API calls. The user does not need to rely on Ory’s built-in email delivery, and all steps can be handled programmatically via REST. If you need to automate the entire process, ensure you handle the flow state transitions as described in the Ory documentation.