Iāve always wanted to create a proper preference center for my newsletter subscribers. A preference center isnāt just a nice-to-have; itās how you show subscribers you respect their choices and time. Whether itās letting them unsubscribe easily or tailor how often they hear from you, itās key to building trust. My first attempt was what Iād call āhackyāāusing Tally with a custom domain. It worked, but just barely. I found myself doing manual CSV updates more often than Iād like to admit because the automations I built kept tripping up. It wasnāt exactly the seamless experience I wanted to provide my subscribers!
ā”ļø Why Build
When youāre running multiple newsletters, giving subscribers control over what they receive is crucial. The tipping point? Spending hours wrestling with manual updates for something that should have been automated. I realized I wasnāt just wasting timeāI was delivering a clunky experience to my subscribers. That wasnāt fair to them or me.
As someone who loves automation and respecting user choices, I knew I needed something better. I wanted to build a system that felt effortless for subscribers while saving me from the frustration of constant fixes and manual tweaks. Thatās when I decided to create a proper, user-friendly preference center that puts subscribers in control.
š ļø The Current System
The solution I build this morning is much more sophisticated (though still not perfect – more on that later!). When someone subscribes to my newsletter, they get two forms of identification:
- Their MailerLite ID handles email delivery and subscription status
- A Supabase User ID lives in my custom database
These IDs work as tokens when subscribers want to update their preferences. When someone subscribes through a form, they’re automatically added to both MailerLite and my Supabase database then a group and newsletter based on the form. Every newsletter includes a unique URL at the bottom that’s specific to each subscriber. When they click it, they land on their personal preference center where they can subscribe to additional newsletters or unsubscribe from all.
š” Airtable vs Supabase
Here’s something interesting – I actually built two versions of this system. One uses Supabase and the other uses Airtable. I love the Supabase version, but if you are on the free plan, you have a max of 3 projects, and you can surely use the free tier for a more robust or larger project/application.
Airtable works well because each subscriber automatically gets a unique record ID just like Supabase, which works perfectly as their token. While I could have used only MailerLite IDs, I ran into some API challenges that made Airtable and Supabase’s solution easier to implement.
š Security Considerations
Is this the Fort Knox of preference centers? Not quite, but itās secure enough for its purpose. The unique URLs tied to specific IDs mean only the intended user can access their settingsāunless the link is forwarded or intercepted. Thatās a known limitation, and itās why version 2.0 is going to include token-based authentication with time-sensitive, single-use tokens, similar to magic links.
Hereās the thing: magic links and token-based URLs are pretty much the same at their core. Both embed a token in the URL that acts as a temporary credential. The problem? If someone shares or intercepts the link, itās game over. What makes magic links stand out is the added security they usually pack, like time-limited expiry, single-use validation, and contextual checks (e.g., IP or device verification). Without those extra layers, token-based URLs rely entirely on secrecyāwhich is a risk Iām determined to fix.
Version 2.0 is going to take this system up a notch. Iām working on adding:
- Short-lived tokens to limit the window of opportunity for misuse.
- Single-use links so a token is immediately invalidated after itās used.
- Contextual verification, like checking the userās IP or device, to make sure the link is being used by the right person.
- For highly sensitive actions, Iām exploring multi-factor authentication to add an extra layer of protection.
Oh, and everything is sent over HTTPS, so those tokens are safe during transmission. Iām also considering encrypting tokens directly in the URL to make them harder to exploit if exposed. The goal? To strike the perfect balance between strong security and a smooth user experienceābecause nobody likes systems that make them jump through hoops just to update their preferences.
šÆ Why This Matters
Here’s what really drives me: respect for subscribers. Sometimes people hit ‘unsubscribe’ not because they don’t want to hear from you at all, but because they’re getting too many emails or content that’s not quite right for them. By giving them control over frequency and content preferences, I’m hoping to build better relationships with my readers.
š Newsletter Preference Center v2.0 Plans
I’m excited about some major improvements coming up:
- Time-based authentication (implemented carefully with user experience in mind)
- Options for subscribers to adjust email frequency
- Better ways to update interests and preferences
- Enhanced security without adding friction
I’ve already built and tested the time-based system but held back on implementing it until I can make the user experience smoother. The goal is to let subscribers have more control while maintaining security.
The next version will also give users more granular control over their subscriptions. Instead of a simple subscribe/unsubscribe option, they’ll be able to:
- Choose how often they receive emails
- Select which topics interest them most
- Manage multiple newsletter subscriptions easily
- Pause subscriptions temporarily
š Key Learnings in Building a Newsletter Preference Center
Building this system taught me some valuable lessons:
- Sometimes the simpler solution (Airtable) beats the more sophisticated one (Supabase)
- Security and user experience don’t have to be at odds
- Giving users more control often prevents total unsubscribes
š« What’s Next?
While I’m proud of how far this system has come from my initial Tally hack, there’s always room for improvement. I’m constantly gathering feedback and making tweaks to make it even better.
Want to see how I implemented this? Have thoughts on newsletter preference centers? I’d love to hear your experiences or help you avoid some of the pitfalls I encountered along the way!
P.S. Iāve stopped collecting first and last names entirely, so this might feel like overkill. Now, the only data I retain is the userās email address and their preferences. While personalizing newsletters with names can be a nice touch, I realized itās unnecessary for most cases. If I ever want to personalize an email, I prefer sending a direct, one-on-one message instead of including it in a mass newsletter.