Authentication
All API requests require authentication using a Bearer token.
Bearer Token Authentication
Include your API key in the Authorization header of every request:
Authorization: Bearer gm_your_api_key_hereExample Request
curl -X POST https://getmailer.co/api/emails \
-H "Authorization: Bearer gm_your_api_key" \
-H "Content-Type: application/json" \
-d '{
"from": "you@yourdomain.com",
"to": "recipient@example.com",
"subject": "Hello",
"html": "<p>Hello world!</p>"
}'Authentication Errors
401 UnauthorizedReturned when authentication fails. Common causes:
- Missing Authorization header
- Invalid API key
- Expired API key
- Malformed Bearer token
{
"error": "Unauthorized"
}403 ForbiddenReturned when the API key lacks required permissions:
- Sending from a domain not linked to the key
- API key scope doesn't include the requested action
{
"error": "Insufficient API key permissions"
}SDK Authentication
When using our SDKs, pass your API key during initialization:
// Node.js
import { GetMailer } from '@getmailer/sdk';
const mailer = new GetMailer({
apiKey: process.env.GETMAILER_API_KEY
});Environment Variables
We recommend storing your API key in an environment variable:
# .env GETMAILER_API_KEY=gm_your_api_key_here
Never: Commit API keys to version control or expose them in client-side code.