curl -X GET https://inbound.new/api/v2/mail \
  -H "Authorization: Bearer your_api_key_here"

{
  "emails": [
    {
      "id": "email_123",
      "subject": "Test Email",
      "from": "sender@example.com",
      "receivedAt": "2024-01-15T10:30:00Z"
    }
  ],
  "pagination": {
    "total": 1,
    "limit": 50,
    "offset": 0,
    "hasMore": false
  }
}

Authentication

All API requests to Inbound v2 require authentication using an API key. This guide explains how to obtain and use your API key securely.

Base URL

All authenticated requests are made to: 
https://inbound.new/api/v2

Getting Your API Key

1

Access Your Dashboard

Log in to your Inbound dashboard and navigate to the Settings page.

Dashboard

Go to inbound settings
2

Generate API Key

Click “Create API Key” and give it a descriptive name for easy identification.
3

Copy and Store Securely

Copy your API key immediately and store it securely. You won’t be able to see it again.
API keys are sensitive credentials. Never expose them in client-side code or commit them to version control.

Using Your API Key

Include your API key in the Authorization header of all API requests: 
Authorization: Bearer your_api_key_here

API Examples

curl -X GET https://inbound.new/api/v2/mail \
  -H "Authorization: Bearer your_api_key_here" \
  -H "Content-Type: application/json"

Authentication Methods

The Inbound API v2 supports both API key authentication and session-based authentication: Use API keys for server-to-server communication and automated workflows: 
Authorization: Bearer your_api_key_here

Session Authentication

For browser-based applications, you can use session authentication after logging in through the dashboard.

Security Best Practices

Testing Authentication

Test your authentication by making a simple request to list emails: 
curl -X GET https://inbound.new/api/v2/mail \
  -H "Authorization: Bearer your_api_key_here"

{
  "emails": [
    {
      "id": "email_123",
      "subject": "Test Email",
      "from": "sender@example.com",
      "receivedAt": "2024-01-15T10:30:00Z"
    }
  ],
  "pagination": {
    "total": 1,
    "limit": 50,
    "offset": 0,
    "hasMore": false
  }
}

Error Responses

If authentication fails, you’ll receive a 401 Unauthorized response: 
{
  "error": "Invalid or missing API key"
}
Common authentication errors:
  • Missing Authorization header: Include the Authorization header in your request
  • Invalid API key format: Ensure you’re using Bearer your_api_key_here
  • Expired or revoked key: Generate a new API key from your dashboard
  • Incorrect key: Double-check that you’re using the correct API key
Test your authentication with the list emails endpoint first. This is a quick way to verify your API key is working correctly.

Rate Limiting

API requests are rate-limited to ensure fair usage:
  • Standard users: 100 requests per minute
  • Pro users: 500 requests per minute
  • Enterprise users: Custom limits
Rate limit headers are included in all responses: 
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 99
X-RateLimit-Reset: 1642252800

Next Steps

Once you have authentication set up, you’re ready to start using the Inbound API v2:

List Emails

Retrieve all your emails with filtering and pagination

Get Email Details

Fetch complete email content and metadata