Authentication
API key management and access scopes
API Keys
API keys are used to authenticate your requests. They start with jm_live_ for production or jm_test_ for testing.
Create an API Key
- Log in to JunkMail (Business plan required)
- Go to "API Keys"
- Click "Create a key"
- Give your key a name
- Select the required scopes
- Copy the key (displayed only once)
Available Scopes
| Scope | Description |
|---|---|
emails:read | Read addresses and emails |
emails:write | Create/delete addresses and send emails |
analytics:read | Access statistics |
domains:read | Read custom domains |
domains:manage | Manage custom domains |
webhooks:manage | Manage webhooks |
forwarding:manage | Manage forwarding addresses and rules |
Usage
Include your API key in the Authorization header:
curl -X GET https://api.junkmail.dev/api/v1/addresses \
-H "Authorization: Bearer jm_live_xxxxxxxxxxxx"JavaScript
const response = await fetch('https://api.junkmail.dev/api/v1/addresses', {
headers: {
'Authorization': 'Bearer jm_live_xxxxxxxxxxxx',
'Content-Type': 'application/json',
},
});Python
import requests
response = requests.get(
'https://api.junkmail.dev/api/v1/addresses',
headers={
'Authorization': 'Bearer jm_live_xxxxxxxxxxxx',
'Content-Type': 'application/json',
}
)Revoke a Key
For security reasons, you can revoke an API key:
- Go to "API Keys"
- Find the key to revoke
- Click "Revoke"
- Confirm the revocation
Important: Once revoked, the key can no longer be used and cannot be recovered.
Best Practices
- Never share your API keys
- Use environment variables
- Create separate keys per environment (dev, prod)
- Use the minimum required scopes
- Revoke unused keys