Authentication
The SMTP API uses JWT bearer tokens to authenticate requests. You can view and manage your API keys via the auth API endpoints.
Your JWT bearer tokens carry many privileges, so be sure to keep them secure! Do not share your tokens via publicly accessible areas such as GitHub, client-side code, and so forth.
Authentication to the API is performed via HTTP Basic Auth. Provide your API key as the basic auth username value. You do not need to provide a password.
If you need to authenticate via bearer auth (e.g., for a cross-origin request), use -H "Authorization: Bearer RPqH8iq9xHd7ayjQc2Qkg4j>jv/HUdWH"
instead of -u RPqH8iq9xHd7ayjQc2Qkg4j>jv/HUdWH
.
All API requests must be made over HTTPS. Calls made over plain HTTP will fail. API requests without authentication will also fail.
Grant Token (Login)
POST
https://api.smtpd.dev/oauth/token?grant_type=password
This endpoint allows you to login and retrieve your JWT access token & refresh token.
Headers
Authorization
string
Basic: Base64(username:password) OR Base64(key:secret)
Refresh Access Token
POST
https://api.smtpd.dev/oauth/token?grant_type=refresh_token
This endpoint allows you refresh your access token.
Request Body
refresh_token
string
Refresh Token
Revoke refresh token (Logout)
POST
https://api.smtpd.dev/oauth/revoke
Headers
Authentication
string
Bearer {access_token}
Request Body
refresh_token
string
Refresh Token to be revoked
Get Me
GET
https://api.smtpd.dev/oauth/me
This endpoint returns the logged in users details.
Headers
Authentication
string
Bearer {access_token}
Last updated