Authentication

Mail.td uses bearer token authentication. All API requests require a Pro API Token.

How It Works

1. Sign in with Google or GitHub at mail.td/pro/login
2. Create an API Token in the Pro Dashboard
3. Use it in all requests:
   Authorization: Bearer td_xxxxxxxxxxxxxxxxxxxx

Getting a Token

Go to mail.td/pro/login and sign in with your Google or GitHub account. First login automatically creates your Pro account.
Open the Pro Dashboard and create an API Token.
Copy the token immediately — it starts with td_ and is only shown once.

Using the Token

Include the token in the Authorization header of every request:

bash

curl https://api.mail.td/api/accounts/{account_id}/messages \
  -H "Authorization: Bearer td_xxxxxxxxxxxxxxxxxxxx"

OAuth Users

Since registration is via Google or GitHub, there is no password. The API Token is your only credential for API access.

Account Tiers

All registered users start on the Free tier. Upgrade to Pro for higher limits.

	Free	Pro
API rate limit	4 req/s	10 req/s
Operations / month	1,000	100,000
Storage per mailbox	40 MB	50 MB
Custom domains	--	Up to 5
Webhooks	--	Yes
SMTP Sandbox	--	Yes

Check your current usage via GET /api/user/me (ops_used / ops_limit).

Token Lifetime

Token	Expires	Manage
Pro API Token	Never	Revoke in Pro Dashboard

When a token is invalid or revoked, the API returns:

json

HTTP 401
{ "error": "invalid_or_expired_token" }

Security Best Practices

Always use HTTPS (https://api.mail.td)
Don't share tokens or embed them in client-side code
Rotate API tokens periodically
Delete accounts when no longer needed

Authentication ​

How It Works ​

Getting a Token ​

Using the Token ​

Account Tiers ​

Token Lifetime ​