Authentication

Posthawk uses API keys to authenticate requests. Include your API key in the X-API-Key header with every request.

All API endpoints that send or manage emails require authentication via an API key.

Create API keys from the dashboard under API Keys. Each key has an environment ("test" or "live") and a permission scope.

Include the key in every request header:

X-API-Key: your_api_key_here

API keys are hashed before storage — the full key is only shown once at creation time. Keep it secure.

API Key Scopes

Each API key has one or more permission scopes that control what it can access:

• full_access — Can access all endpoints. This is the default scope for new keys and is backwards-compatible with existing keys.
• sending — Can send emails (POST /v1/send), render templates (POST /v1/render), and schedule, cancel, and reschedule emails. Cannot read delivery status or queue stats.
• reading — Can check delivery status (GET /v1/send/:jobId), list scheduled emails, get scheduled email details, and view queue stats. Cannot send or modify emails.

Choose the most restrictive scope that fits your use case. For example, a billing service that only sends transactional emails should use a "sending" key, while a monitoring dashboard that checks delivery status should use a "reading" key.

If a key lacks the required scope, the API returns a 403 with a structured error including the required_scopes, your key's current scopes, and a hint on how to fix it.
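The least-privilege guidance above can be checked mechanically. The following is an added example, not Posthawk's own code: it audits an inventory of keys against the scope descriptions on this page. The operation labels, service names, inventory format and the rule that any unlisted operation needs full_access are assumptions of the example.

```python
# Scope coverage as described on this page. Operation labels are this
# example's own names (assumptions), not Posthawk identifiers.
SCOPE_OPERATIONS = {
    "sending": {"send_email", "render_template", "schedule_email",
                "cancel_email", "reschedule_email"},
    "reading": {"delivery_status", "list_scheduled",
                "scheduled_details", "queue_stats"},
}

# Constructed sample inventory: scopes each key holds vs. operations used.
SAMPLE_INVENTORY = {
    "billing-service": {"scopes": ["full_access"],
                        "operations": ["send_email"]},
    "status-dashboard": {"scopes": ["reading"],
                         "operations": ["delivery_status", "queue_stats"]},
    "campaign-worker": {"scopes": ["sending"],
                        "operations": ["schedule_email", "delivery_status"]},
}


def minimal_scopes(operations):
    """Return the narrowest scope set that covers every operation."""
    needed = set()
    for op in operations:
        owners = [s for s, ops in SCOPE_OPERATIONS.items() if op in ops]
        if not owners:
            # Assumption: anything outside the two narrow scopes needs
            # full_access, the only scope that reaches all endpoints.
            return {"full_access"}
        needed.add(owners[0])
    return needed


def audit_keys(inventory):
    """Report keys whose granted scopes differ from what the service needs."""
    findings = []
    for name, entry in inventory.items():
        granted = set(entry["scopes"])
        required = minimal_scopes(entry["operations"])
        if granted == required:
            continue
        # Extra scopes widen the impact of a leaked key; missing scopes
        # mean some of the service's calls will be rejected with a 403.
        too_broad = required <= granted or "full_access" in granted
        status = "over-privileged" if too_broad else "under-privileged"
        findings.append({"key": name, "status": status,
                         "granted": sorted(granted),
                         "recommended": sorted(required)})
    return findings
```

Calling `audit_keys(SAMPLE_INVENTORY)` returns one finding per mismatched key, with the scopes to request when the key is reissued from the dashboard.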