Authentication

To use the Inboxroad Sending API, you need an API token.

You can generate a token on the Obtain API token page.

The Sending API accepts your token in one of these two headers:

Header	Example	Notes
X-API-Key	X-API-Key: <your_token>	Recommended method. Same header used by the Contacts API.
Authorization	Authorization: Basic <your_token>	Uses a custom Basic format. See note below.

Tip

We recommend using X-API-Key.

It works across both the Sending API and Contacts API.

Caution

The Authorization header uses a non-standard Basic authentication format.

Do not send a base64 encoded username:password value.

Instead, send the raw API token directly after Basic .

Note

The Contacts API only supports the X-API-Key header.

If you use both APIs, we recommend using X-API-Key everywhere.

Example requests

X-API-Key

curl -X GET 'https://webapi.inboxroad.com/api/v1/bounces' \
  -H 'X-API-Key: <your_token>' \
  -H 'Content-Type: application/json'

Authorization

curl -X GET 'https://webapi.inboxroad.com/api/v1/bounces' \
  -H 'Authorization: Basic <your_token>' \
  -H 'Content-Type: application/json'

Error responses

Status code	Meaning
401	The API token is missing, invalid, or incorrectly formatted.
403	The token is valid, but not linked to a customer profile.

If you receive a 401 response, generate a new token via Obtain API token or contact your account manager.