API Overview
Introduction to the MailSentinel REST API for programmatic access to your email authentication data.
API Overview
The MailSentinel API provides programmatic access to your email authentication data, allowing you to integrate monitoring into your existing workflows.
Base URL
All API requests are made to:
https://api.mailsentinel.io/api
Authentication
Authenticate requests using Bearer tokens:
curl -X GET "https://api.mailsentinel.io/api/domains" \
-H "Authorization: Bearer YOUR_API_TOKEN"Obtaining API Tokens
- Go to Settings > API Keys
- Click Generate New Key
- Copy and securely store your token
Security: API tokens have full access to your account. Keep them secret and rotate regularly.
Response Format
All responses are JSON:
{
"success": true,
"data": {
// Response data
}
}Error Responses
{
"success": false,
"error": {
"code": "VALIDATION_ERROR",
"message": "Domain name is required"
}
}Rate Limiting
| Plan | Requests/Minute | Requests/Day |
|---|---|---|
| Free | 60 | 1,000 |
| Pro | 300 | 10,000 |
| Enterprise | 1,000 | Unlimited |
Rate limit headers:
X-RateLimit-Limit- Maximum requestsX-RateLimit-Remaining- Requests remainingX-RateLimit-Reset- Reset timestamp
Common Endpoints
Health Check
GET /healthResponse:
{
"status": "ok",
"timestamp": "2024-12-09T10:00:00Z"
}List Domains
GET /api/organizations/{orgId}/domainsResponse:
{
"domains": [
{
"id": "dom_123",
"domain": "example.com",
"verified": true,
"createdAt": "2024-01-01T00:00:00Z"
}
]
}Get Domain Details
GET /api/domains/{domainId}Response:
{
"domain": {
"id": "dom_123",
"domain": "example.com",
"verified": true,
"dmarcRecords": [...],
"spfRecords": [...],
"dkimRecords": [...]
}
}Scan Domain
Trigger a DNS scan for a domain:
POST /api/domains/{domainId}/scanResponse:
{
"dmarc": {
"found": true,
"record": "v=DMARC1; p=reject; ...",
"policy": "reject"
},
"spf": {
"found": true,
"record": "v=spf1 include:... -all",
"valid": true,
"dnsLookups": 5
}
}SDKs
JavaScript/TypeScript
import { MailSentinel } from '@mailsentinel/sdk';
const client = new MailSentinel({
apiKey: process.env.MAILSENTINEL_API_KEY
});
const domains = await client.domains.list('org_123');Python
from mailsentinel import MailSentinel
client = MailSentinel(api_key=os.environ['MAILSENTINEL_API_KEY'])
domains = client.domains.list('org_123')Webhooks
Receive real-time notifications for events:
Supported Events
| Event | Description |
|---|---|
domain.verified | Domain ownership verified |
domain.scan.completed | DNS scan finished |
alert.triggered | Alert condition met |
report.received | DMARC report processed |
Webhook Payload
{
"event": "alert.triggered",
"timestamp": "2024-12-09T10:00:00Z",
"data": {
"alertId": "alert_123",
"domainId": "dom_456",
"type": "dmarc_failure",
"message": "DMARC pass rate dropped below 95%"
}
}Configuring Webhooks
- Go to Settings > Webhooks
- Add your endpoint URL
- Select events to receive
- Save and test
Error Codes
| Code | Description |
|---|---|
UNAUTHORIZED | Invalid or missing API token |
FORBIDDEN | Insufficient permissions |
NOT_FOUND | Resource doesn't exist |
VALIDATION_ERROR | Invalid request parameters |
RATE_LIMITED | Too many requests |
INTERNAL_ERROR | Server error |
Best Practices
1. Use Pagination
For large datasets, use pagination:
GET /api/reports?page=1&limit=502. Cache Responses
Cache infrequently changing data like domain configurations.
3. Handle Rate Limits
Implement exponential backoff when rate limited.
4. Secure Your Tokens
- Never commit tokens to version control
- Use environment variables
- Rotate tokens regularly
Next Steps
- Authentication Guide - Detailed auth setup
- Domains API - Domain management endpoints
- Reports API - Access DMARC report data