Authentication

Overview

SentinMail uses API keys to authenticate external integrations. Each API key is scoped to a single company and grants access to that company's resources — subscribers, templates, campaigns, and more.

Getting Your API Key

1. Log in to your SentinMail dashboard
2. Navigate to Settings > API Keys
3. Click Create API Key
4. Give it a descriptive name (e.g., "Production Server", "Staging")
5. Copy the key immediately — it's only shown once

Your API key looks like this:

1fm_abc123def456...

Making Authenticated Requests

Include your API key in the X-API-Key header on every request:

1curl -X GET "https://api.sentinmail.app/api/emails/templates/" \
2  -H "X-API-Key: fm_abc123def456..."

Example: Verify Your Key

A quick way to verify your API key is working — fetch your templates:

1curl -X GET "https://api.sentinmail.app/api/emails/templates/" \
2  -H "X-API-Key: YOUR_API_KEY"

Success (200):

1{
2  "count": 5,
3  "next": null,
4  "previous": null,
5  "results": [
6    {
7      "id": "tmpl-uuid-here",
8      "name": "Welcome Email",
9      "subject": "Welcome to our platform!",
10      "created_at": "2026-03-15T10:00:00Z"
11    }
12  ]
13}

Invalid Key (401):

1{
2  "detail": "Invalid API key."
3}

Key Security

Domain Restrictions

When creating an API key, you can optionally restrict it to specific domains. Requests from other origins will be rejected:

1{
2  "name": "Production Only",
3  "allowed_domains": ["api.yourapp.com", "backend.yourapp.com"],
4  "expires_at": "2027-01-01T00:00:00Z"
5}

Rate Limits

API key requests share the same rate limits as authenticated requests. See Rate Limits & Errors for details.

Next Steps

• Send your first email
• Manage newsletter subscriptions
• Set up webhooks