REST Email API Built for Developer Teams
Send transactional email from your application with a clean REST API. OTPs, password resets, order confirmations, billing alerts — all with consistent response shapes, idempotent delivery, and real-time email webhooks status updates.
From your first API call to production scale, the Sendarix API contract stays stable. No surprises as traffic grows, no rebuilding integration as volume increases.
API calls flow through structured validation, queue management, and email routing before reaching destination servers. Delivery outcomes are surfaced via email webhooks and tracked in email analytics.
What You Get
The API is intentionally straightforward: create and send messages, inspect outcomes, and automate reactions. This helps product teams move faster without compromising reliability.
Fast REST Integration
Clear request/response patterns and predictable behavior for modern backend services and internal tools.
Message Lifecycle Tracking
Track accepted, delivered, bounced, and complained states so your product can react in real time.
Operational Visibility
Searchable logs and event streams reduce troubleshooting time when users report delivery issues.
Scale Without Rebuilds
From early-stage workloads to high-volume flows, keep one API contract as volume grows.
Template Data Injection
Pass dynamic variables cleanly so transactional templates stay consistent across products.
Idempotent Send Patterns
Prevent duplicate sends in retry scenarios with deterministic request handling strategies.
What Happens After an API Send Request
A successful API response is the start of the message lifecycle, not the end of it.
Validation
The system checks authentication, request shape, sender identity, and required fields before accepting the request.
Acceptance and Queueing
A successful response means the request has been accepted for processing. It does not necessarily mean the message has already been delivered to the destination server.
Delivery Processing
After acceptance, the message moves through delivery logic that may include queueing, suppression checks, routing policy, and destination-aware pacing.
Event Generation
As the message progresses, delivery events can be exposed to logs, analytics, and webhook consumers so your application can react in near real time. Monitor progression via email analytics or email webhooks.
Why Accepted Does Not Mean Delivered
A successful API response confirms that the request has been accepted into the processing pipeline. Final delivery still depends on validation, suppression checks, routing policy, provider behavior, and downstream delivery outcomes.
Email API vs SMTP Relay
Both approaches can send email, but they solve different integration needs.
Email API
Best for modern applications that want structured requests, cleaner metadata, and easier automation around delivery state. See API docs for integration details.
SMTP Relay
Best for older tools, legacy systems, or environments that already speak SMTP and need compatibility with minimal code changes. See SMTP relay for setup details.
Many teams use an email API for product-driven workflows and SMTP relay for compatibility with older tools, internal systems, or third-party applications that already speak SMTP. Check API docs for implementation, email webhooks for event handling, and email analytics for delivery visibility.
Typical API Flow
A simple pattern your team can implement once and reuse across all transactional scenarios.
1. Submit Request
Your service posts a message payload with recipient, template data, and metadata.
2. Validate & Queue
Input checks, suppression logic, and queueing happen before the delivery stage.
3. Deliver
Messages are routed to destination providers with controlled sending behavior.
4. Consume Events
Use webhooks and logs to update product state and trigger downstream automations.
Real-World Scenario: Idempotent Send Request
A payment confirmation is triggered by a webhook from a payment processor. The application sends via the email API with an idempotency key. If the API call is accidentally retried due to a network timeout, the email routing layer recognizes the duplicate and returns the original queued message ID rather than queuing a second send. Delivery is confirmed via email webhooks.
Example API Request Flow
- Client sends request to API docs
- Request is validated
- Message is queued
- Delivery attempt is executed
- Events are generated and tracked via email webhooks
Note: A successful API response (e.g. 202 Accepted) means the message is queued, not delivered. Track final delivery status with email analytics or webhook events.
Example API Request and Response
Every Sendarix API call uses JSON and returns consistent response shapes. Below are the primary endpoints your integration will call most frequently.
Send Message
POST to /v1/messages with recipient, subject, and template data. Returns a message_id for correlation with downstream webhook events.
POST /v1/messages
Authorization: Bearer sk_live_...
Content-Type: application/json
{
"recipient": "user@example.com",
"subject": "Your verification code",
"template": "otp-code",
"template_data": {
"code": "847291",
"expires_in": "5 minutes"
},
"headers": {
"X-Idempotency-Key": "uuid-v4-here"
}
}
{
"message_id": "msg_abc123xyz",
"status": "queued",
"recipient": "user@example.com",
"created_at": "2026-04-19T14:30:00Z"
}
Returns a message_id and status: queued. Correlate message_id with email webhooks for delivery status.
List Messages
GET /v1/messages returns a paginated list of messages with filtering by status, recipient, and date range.
GET /v1/messages?status=delivered&limit=25 Authorization: Bearer sk_live_...
Get Message
GET /v1/messages/{message_id} returns the current state of a specific message including timestamps, recipient, and delivery outcome.
GET /v1/messages/msg_abc123xyz Authorization: Bearer sk_live_...
Cancel Scheduled Message
DELETE /v1/messages/{message_id} cancels a scheduled message before it is delivered. Returns 404 if already sent.
DELETE /v1/messages/msg_abc123xyz Authorization: Bearer sk_live_...
Add to Suppression List
POST /v1/suppressions adds an address to the suppression list to prevent future sends to that recipient.
POST /v1/suppressions
Authorization: Bearer sk_live_...
{
"recipient": "user@example.com",
"reason": "user_unsubscribed"
}
Validation, Queueing, and Delivery Lifecycle
Understanding what happens between an API call and final delivery helps you design more resilient integrations and debug issues faster.
Step 1: Request Validation
The API validates: required fields (recipient, from, subject), email address format, API key and permissions, content size limits. Validation errors return 400 or 422 immediately with a field-level error array. No message is queued until validation passes.
Step 2: Queue and Acceptance
Validated messages enter the sending queue with a queued status. A message_id is returned immediately so your application can correlate with downstream events. Queue processing is FIFO within priority tiers.
Step 3: Routing and Provider Selection
The routing layer selects the optimal sending path based on recipient domain, IP reputation, and provider performance. This is handled automatically by Sendarix infrastructure.
Step 4: Delivery Attempt
The message is delivered to the recipient's mail server. Delivery outcomes (delivered, bounced, deferred) are posted to your configured webhook endpoint. Track delivery in the email analytics dashboard.
Event Timeline
Each message generates a timeline of events: queued → accepted → delivered/bounced/deferred. You receive webhook events for each state change. Between queued and final state, multiple deferred events may fire as the system retries temporary failures.
Retry Behavior for Deferred Messages
Deferred messages (temporary provider rejection, greylisting) are retried automatically at increasing intervals: 30 seconds, 5 minutes, 30 minutes, 2 hours, 5 hours. After 6 attempts, the message is marked as permanently bounced and you receive a bounce event.
Error Handling and Retry-Safe Integration Patterns
A production-grade integration handles API errors gracefully. These patterns prevent duplicate sends, data inconsistency, and user-facing failures.
HTTP Status Code Reference
Map status codes to retry behavior:
200
— Success — no retry needed
400
— Bad request — fix payload before retrying
401
— Unauthorized — check API key, do not retry
422
— Validation failed — fix payload, do not retry
429
— Rate limited — retry after X-RateLimit-Reset
500
— Server error — retry with exponential backoff
503
— Service unavailable — retry with backoff
Idempotent Send Pattern
Pass an idempotency_key (UUID v4 recommended) in the request headers: Idempotency-Key: {uuid}. If the same idempotency_key is submitted twice within 24 hours, the API returns the original response without re-sending. This prevents duplicate sends during retry loops.
Correlating API Calls to Events
Every message response includes a message_id. Match this against the message_id in email webhooks to confirm delivery. Never assume a 200 OK means the email was delivered — a 200 confirms the message was queued.
Exponential Backoff Implementation
Use this backoff formula: delay = min(base * 2^attempt + jitter, max_delay). Recommended base: 1 second, max_delay: 60 seconds, jitter: 0-1000ms random. Always cap retries at a maximum of 5 attempts to avoid infinite loops.
Dead-Letter Handling
After exhausting retries, log permanently failed messages to a dead-letter table keyed on message_id. Inspect these periodically to identify systemic issues (bad address patterns, provider problems, template errors) and fix upstream.
Common Email API Use Cases
The Sendarix API handles all transactional email flows. These are the most common integration patterns.
One-Time Passwords (OTP)
Send time-sensitive OTP codes for login, password changes, and identity verification. OTP emails require low latency, high deliverability, and clean templates with no distracting content. Set a short TTL in your application — OTP codes are security-sensitive and should not persist in inboxes.
Password Reset Emails
Password reset links must reach users quickly and reliably. These are high-stakes flows — a missed reset email creates support tickets and churn. Pair with email webhooks to detect bounce events and alert security teams if reset emails are bouncing for active users.
Billing and Invoice Notifications
Invoice delivery, payment confirmations, and failed payment alerts drive user engagement with billing systems. Use template data injection to personalize invoice amounts and due dates. For failed payments, trigger retry logic in your system based on the bounce event.
Account Lifecycle Notifications
Welcome emails, email verification, account suspension, and deletion notices are all driven by user actions in your system. These flows work best with an idempotency key per user action to prevent duplicate sends when users trigger the same action multiple times.
System and Security Alerts
New login detected, password changed, device authorized, unusual activity alerts — these require immediate delivery to catch security incidents. Route these through your highest-priority sending path. Set up real-time email analytics alerts for spike patterns that may indicate a compromised account.
Integrate with Your Email Infrastructure
The Email API works alongside SMTP relay for legacy system migration, transactional email templates for content management, and email analytics for cross-channel performance reporting. Build a complete email stack with the API at the center.
Best Paired With
The Email API works especially well with email webhooks for real-time automation, email analytics for operational insight, and SMTP relay for legacy system migration.
Who Uses It
SaaS products, platform teams, account systems, billing engines, and customer support workflows that depend on consistent email delivery. Pair with transactional email templates for scalable content management.
Need SMTP configuration for a specific provider? Check our step-by-step guides for Gmail SMTP settings, Outlook SMTP configuration, Office 365 setup, Yahoo SMTP settings, and SendGrid SMTP settings.
What sets Sendarix apart: The Sendarix email API is designed around infrastructure control — routing rules, queue behavior, and delivery policy are exposed through the API, giving engineering teams programmatic access to what most platforms hide behind dashboards.
Frequently Asked Questions
Can we use API and SMTP together?
Yes. Many teams use API for application workflows and SMTP for legacy systems during migration.
Do we get event data for each message?
Yes. Delivery, bounce, and complaint events are available for operational and product workflows.
Is this suitable for high-volume traffic?
Yes. The same API model is used from low-volume onboarding phases to sustained high-volume sending.
Do we need SPF, DKIM, and DMARC for API sending?
Authenticating your sending domain is strongly recommended. It improves how mailbox providers evaluate your mail and is a baseline expectation for production traffic.
How do API keys and permissions work?
You can issue keys for different environments or services and restrict what each key can do, so staging, CI, and production stay isolated.
What happens if our integration sends invalid or duplicate requests?
The API returns clear validation errors for bad payloads. For retries, use stable identifiers in your app layer so you do not accidentally double-send the same user-facing email.
Can we correlate API calls with downstream delivery?
Yes. Message identifiers and event timelines let you connect a specific API submission to accepted, delivered, bounced, or deferred outcomes.
Is the Email API a good fit for password resets and OTP codes?
Yes. These flows are classic transactional use cases: low latency expectations, high visibility requirements, and tight coupling to your auth or risk systems.
Should we use HTTPS only for API traffic?
Yes. TLS protects credentials and message metadata in transit. Treat API endpoints like any other production secret-bearing surface.
What is the request rate limit on the Email API?
Rate limits vary by plan. Standard plans allow 1,000 requests/minute; enterprise plans support higher throughput. Rate limit headers are included in every response (X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset). Exceeding the limit returns 429 Too Many Requests.
How do we handle API failures gracefully in our application?
Implement exponential backoff with jitter for retries. Treat 429 as a signal to slow down, 5xx as transient errors to retry, and 4xx (except 429) as permanent failures that should not retry. Store the message_id from successful submissions to correlate with downstream webhook events.
What is the maximum message size via API?
Messages up to 50MB total payload are accepted. For files larger than 25MB, Sendarix recommends hosting files externally and including a signed download link in the email body rather than attaching directly. Some mail servers reject messages exceeding 25MB.
Can we schedule email delivery for a future time?
Yes. Pass a scheduled_time parameter (ISO 8601 UTC timestamp) in your API request. Messages are queued and delivered at the specified time. Scheduled messages can be cancelled before delivery by calling the message cancel endpoint with the message_id.
How do we handle unsubscribe programmatically via the API?
The API provides /unsubscribes endpoints for managing suppression records. When a user unsubscribes, add them via the API to prevent future sends to that address. This integrates with the email webhooks unsubscribe event for automatic suppression list updates.
What response codes should our retry logic handle?
Handle these specifically: 200 OK (success, no retry), 400 Bad Request (invalid payload, fix before retry), 401 Unauthorized (invalid API key, do not retry), 422 Unprocessable Entity (validation error, fix payload), 429 Too Many Requests (rate limited, retry after X-RateLimit-Reset), 500 Internal Server Error (transient, retry with backoff).
Ready to move to reliable email infrastructure?
Start free with no card, or talk to sales for high-volume and enterprise.
Start SendingTalk to Sales