Authentication

To use MailSlurp APIs authenticate your requests with an API Key.

• Create an API Key in the dashboard
• Configure your SDK library or add x-api-key header to your requests

Authentication methods

MailSlurp accepts API keys using:

• Request header: x-api-key: YOUR_API_KEY (recommended)
• Query parameter: ?apiKey=YOUR_API_KEY

Use header-based authentication by default, especially in server-side applications.

Basic HTTP example

curl -sS https://api.mailslurp.com/inboxes \
  -H 'x-api-key: YOUR_API_KEY'

API key handling guidance

• Use environment variables or secret stores, not hardcoded keys.
• Use separate keys for local, staging, and production contexts.
• Rotate keys on a regular schedule and after credential exposure.
• Restrict dashboard/API key ownership to the minimum required team members.

Related docs

• REST API
• Quick start
• Team accounts and access