Mobile setup and connection modes

This is the recommended path for the fullest BlindBox feature set. Mail actions, sync, billing status, and attachment analysis can go through the BlindBox API and supporting services.

• Best fit for production parity with desktop and BlindBox account features.
• Supports server-backed capabilities such as billing-aware Insight tools when the account permits them.
• Uses reachable API base URLs configured through the Expo public environment variables.

Direct Gmail uses Google OAuth and Google APIs from the mobile app when enabled. It is useful for client-side Gmail iteration but does not replace every sidecar-backed feature.

• Enable it with the direct Gmail flag and the relevant Google OAuth client IDs.
• Works best in a development or production build with the mobile URL scheme registered.
• Core Gmail mail actions can work without the BlindBox mail sidecar, but server-only AI and billing behavior still depends on the BlindBox services.

The mobile provider flow can collect credentials for iCloud, Apple Mail, and custom IMAP-compatible providers when that path is available.

• Apple Mail and iCloud require an app-specific password rather than the main Apple ID password.
• Provider presets keep common server details easier to enter.
• Direct generic IMAP from managed Expo is intentionally treated carefully because mobile socket, TLS, and provider auth behavior vary widely.

Calendar setup lives in mobile settings and follows the same provider family model as desktop: Apple, Google, and Outlook destinations where supported.

• Supported calendar sessions can list calendars and save the target destination for invite actions.
• Direct Gmail calendar support may ask for an upgraded Google scope when event access was not granted during initial login.
• Calendar settings are stored per session so the right mailbox can target the right calendar.

Set EXPO_PUBLIC_BLINDBOX_API_BASE_URL to the reachable BlindBox API host. The app accepts either an origin or a URL that already includes /api.

EXPO_PUBLIC_BLINDBOX_ADMIN_API_BASE_URL, EXPO_PUBLIC_BLINDBOX_ACCOUNT_API_BASE_URL, and EXPO_PUBLIC_BLINDBOX_SYNC_API_BASE_URL can override the admin, account, and sync service bases independently.

Direct Gmail mode can use Expo, iOS, Android, and web client IDs through the Google-specific Expo public environment variables.

EXPO_PUBLIC_CLIENT_SYNC_TOKEN is an optional fallback for client-sync calls when no BlindBox JWT is available. It must match the backend CLIENT_SYNC_TOKEN.

Production builds should fill mobile/.env.production with the production API hosts and public OAuth client IDs before building or releasing the app.

From the mobile directory, install the npm dependencies before starting Expo or creating native builds.

When testing on a physical phone, localhost usually points at the phone itself. Use a LAN address, tunnel, or production host that the device can actually reach.

Use the mobile package start script for Expo development, then test provider login, mailbox refresh, message open, compose, and settings changes.

Direct Gmail and other native redirect flows are more reliable when the BlindBox mobile scheme is registered in a development or production build.

After a successful live load, restart the app or interrupt the network to confirm cached mailbox state and message details still appear as expected.