API Keys

API keys authenticate your requests to the GetMailer API.

Key Format

API keys start with gm_ followed by a unique identifier:

gm_abc123def456ghi789...

Creating an API Key

  1. Go to your API Keys dashboard
  2. Click "Create API Key"
  3. Enter a name to identify the key
  4. Select one or more verified domains the key can send from
  5. Copy and securely store the generated key
Important: API keys are shown only once when created. If you lose a key, you will need to create a new one.

Domain Linking

Each API key must be linked to at least one verified domain. This ensures:

  • Emails can only be sent from domains you control
  • Different keys can have different domain permissions
  • You can revoke access to specific domains by deleting keys

Using Your API Key

Include your API key in the Authorization header:

Authorization: Bearer gm_your_api_key_here

See Authentication for more details.

Security Best Practices

  • Store API keys in environment variables, never in code
  • Never commit API keys to version control
  • Never expose API keys in client-side JavaScript
  • Rotate keys periodically or if you suspect compromise
  • Use separate keys for development and production
  • Delete unused API keys promptly

Revoking Keys

To revoke an API key, delete it from your dashboard. The key will immediately stop working. Any applications using the key will receive 401 Unauthorized responses.

API Keys - GetMailer Docs | GetMailer