API Overview
mailfloss offers a simple API enabling you to thoroughly check and verify email addresses right at the point of entry into your system.
In addition to checking the syntax, the actual existence of an email address using MX records, and the Simple Mail Transfer Protocol (SMTP), detecting whether the requested mailbox is configured to catch all incoming email traffic, the mailfloss API also identifies role-based email addresses, email addresses from free email providers, and disposable domains.
Combined with typo checks, email address suggestions, and more, these structures will make it simple to automatically filter "real" customers from typos, spammers, abusers, and increase response and success rates of your email campaigns.
You can get all of this with a single API call like the following.
Recommendations
Treat any timeouts as unknown, and if at point of entry, allow the result to pass. It is not uncommon for many smaller email hosts to take many seconds, and for this reason, the result may not come in a timely manner. Rather than force the user to wait, let them proceed. Pass a webhook URL to our batch-verify endpoint to avoid polling for results. This is more efficient. All API calls should be made server-side.
The publicly available API is in beta
The API is currently in beta and under active development. While we'll make every effort to maintain consistency, updates may contain breaking changes.
The mailfloss email verification API allows you to add email verification to any part of your software, ideal for signup, registration, onboarding, and other points of entry.
You will need an API key and an account with mailfloss to use the API. The API key can be generated inside of the mailfloss dashboard.
Make API calls on the server-side only
The API is not suitable for use in client-side scripts (e.g. React, Angular, Vue, jQuery, and other Javascript frameworks) because our verification endpoints do not allow cross-domain requests. Using it directly in the browser would require exposing sensitive API credentials giving anyone access to your account. Please make all requests server-side.
