Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.mailbreeze.com/llms.txt

Use this file to discover all available pages before exploring further.

API Keys

All API requests require authentication via an API key. You can create and manage keys in your dashboard.

Key Types

Key PrefixEnvironmentDescription
sk_live_ProductionSends real emails, uses credits
sk_test_SandboxSimulates sending, no emails delivered

Authenticating Requests

Include your API key in the x-api-key header: 
curl -X POST https://api.mailbreeze.com/v1/emails \
  -H "x-api-key: sk_live_xxx" \
  -H "Content-Type: application/json" \
  -d '{ ... }'
Or with SDKs: 
import { MailBreeze } from "mailbreeze";

const mailbreeze = new MailBreeze({ apiKey: "sk_live_xxx" });

Key Permissions

API keys have full access to all endpoints for your domain. To restrict access:
  • Create separate keys for different applications
  • Revoke unused keys immediately
  • Rotate keys periodically

Security Best Practices

Never expose your API key in client-side code, public repositories, or logs.

Do

  • Store keys in environment variables
  • Use secret management systems (e.g., AWS Secrets Manager, Vault)
  • Rotate keys after team member departures
  • Use test keys for development

Don’t

  • Commit keys to version control
  • Share keys via email or chat
  • Use production keys in CI/CD logs
  • Hardcode keys in source code

Environment Variables

Store your API key in an environment variable: 
MAILBREEZE_API_KEY=sk_live_xxx

Error Responses

Authentication errors return a 401 Unauthorized status: 
{
  "error": {
    "code": "UNAUTHORIZED",
    "message": "Invalid or missing API key"
  }
}
Error CodeDescription
UNAUTHORIZEDMissing or invalid API key
KEY_REVOKEDAPI key has been revoked
KEY_EXPIREDAPI key has expired

Rate Limits

API requests are rate limited to 100 requests per minute per API key. Rate limit headers are included in all responses: 
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 99
X-RateLimit-Reset: 2024-01-01T12:01:00Z
HeaderDescription
X-RateLimit-LimitMaximum requests allowed per minute
X-RateLimit-RemainingRequests remaining in current window
X-RateLimit-ResetISO timestamp when the limit resets
When exceeded, you’ll receive a 429 Too Many Requests response with a Retry-After header indicating seconds until reset.