Mailcub logo
Back to Documentation

API Authentication

Learn how to authenticate your requests to the MailCub API securely and efficiently.

Getting Your API Key

1

Log in to your MailCub dashboard

Navigate to your account dashboard at dashboard.mailcub.com

2

Go to API Settings

Click on "Settings" in the sidebar, then select "API Keys"

3

Generate a new API key

Click "Create New Key", give it a name, and set appropriate permissions

4

Copy and store securely

Copy the API key immediately - you won't be able to see it again

API Key Format

Your API Key
sk_live_••••••••••••••••••••••••••••••••••••

Live keys start with sk_live_

Test keys start with sk_test_

Authentication Methods

Bearer Token

Recommended

Most common method using API keys in the Authorization header

Authorization: Bearer sk_live_1234567890abcdef

Basic Auth

Alternative method using username/password authentication

Authorization: Basic base64(api_key:password)

Implementation Examples

cURL

curl -X POST https://api.mailcub.com/v1/send \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"to": "user@example.com", "subject": "Test"}'

JavaScript

const response = await fetch('https://api.mailcub.com/v1/send', {
  method: 'POST',
  headers: {
    'Authorization': 'Bearer ' + process.env.MAILCUB_API_KEY,
    'Content-Type': 'application/json'
  },
  body: JSON.stringify({
    to: 'user@example.com',
    subject: 'Test Email'
  })
});

Python

import requests
import os

headers = {
    'Authorization': f'Bearer {os.getenv("MAILCUB_API_KEY")}',
    'Content-Type': 'application/json'
}

response = requests.post(
    'https://api.mailcub.com/v1/send',
    headers=headers,
    json={'to': 'user@example.com', 'subject': 'Test Email'}
)

Security Best Practices

🔐

Store Keys Securely

Never hard-code API keys in your source code. Use environment variables or secure key management systems.

🏗️

Use Different Keys for Different Environments

Create separate API keys for development, staging, and production environments.

🔄

Rotate Keys Regularly

Regularly rotate your API keys and revoke unused keys to maintain security.

📊

Monitor Key Usage

Keep track of API key usage and set up alerts for unusual activity.

Authentication Errors

401 Unauthorized

This error occurs when your API key is missing, invalid, or expired.

{
  "error": {
    "code": "unauthorized",
    "message": "Invalid API key provided"
  }
}

403 Forbidden

Your API key doesn't have permission to perform this action.

{
  "error": {
    "code": "forbidden",
    "message": "API key lacks required permissions"
  }
}

Rate Limits

API Rate Limits

Free Plan: 100 requests per hour

Starter Plan: 1,000 requests per hour

Professional Plan: 10,000 requests per hour

Enterprise Plan: Custom limits

Tip: Check the X-RateLimit-Remaining header in API responses to monitor your usage.

Testing Your Authentication

Use this simple test to verify your API key is working correctly:

curl -X GET https://api.mailcub.com/v1/account \
  -H "Authorization: Bearer YOUR_API_KEY"
A successful response will return your account information