API Authentication

Inboxlayer uses token authentication for API access.

1) Log in

  • Endpoint: POST /api/v1/auth
  • Body: email, password
  • Response: AuthResponse with a usable token

2) Use the token

Include:

Authorization: Bearer <api_token>
Content-Type: application/json

3) Rotate and revoke

  • Endpoint: DELETE /api/v1/auth
  • Use when a process or credential should lose access.

4) Update password

  • Endpoint: PATCH /api/v1/password
  • Useful when rotating user credentials and preserving token strategy.

Error handling

  • 401: token missing, expired, or invalid. Re-authenticate and replay safe reads.
  • 403: valid token but insufficient scope/context. Correct permissions, then retry.
  • Never retry destructive actions blindly without checking idempotency.

Read Error Handling for retry rules.

results matching ""

    No results matching ""