API v1

Boring on purpose.

Scoped Bearer keys, JSON everywhere, idempotent sends, and a standards-based MCP endpoint.

Send an email

curl https://api.terriblemail.com/v1/emails \
  -H 'Authorization: Bearer tm_live_…' \
  -H 'Content-Type: application/json' \
  -H 'Idempotency-Key: invoice-1842' \
  -d '{
    "from": "quiet-lantern-k7m2qd9x@terriblemail.com",
    "to": ["person@example.com"],
    "subject": "Hello from a tiny script",
    "text": "It worked."
  }'

Use it as an MCP server

{
  "mcpServers": {
    "terriblemail": {
      "url": "https://api.terriblemail.com/mcp",
      "headers": {
        "Authorization": "Bearer tm_live_…"
      }
    }
  }
}

Authentication

Pass an API key as Authorization: Bearer …. Keys are shown once, stored as SHA-256 hashes, and can be scoped, recipient-restricted, expiring, and rate-limited.

Idempotency

Give send requests an Idempotency-Key. The same key returns the original message for 24 hours.

Errors

REST errors use {"error":{"code":"…","message":"…"}} with meaningful HTTP statuses.

Key scopes

send sends mail; account:read reads account and usage data; messages:read reads message data and raw-message links; inboxes:read lists inboxes; and inboxes:write creates or deletes inboxes. Give scripts and agents only the scopes they need.

Complete reference

Download OpenAPI 3.1