Authentication - Unosend

All API requests require a Bearer token in the Authorization header.

Authorization: Bearer un_your_api_key

Getting Your Send Mail Token

Your Send Mail Token is provided when you’re onboarded. Each token is unique to your account. If you need a new token, contact us.

Keep your token secure. Never expose it in client-side code.

Using the Key

Include it in every request:

curl -X POST https://api.unosend.co/emails \
  -H "Authorization: Bearer un_your_api_key" \
  -H "Content-Type: application/json" \
  -d '{"from": "hi@yourdomain.com", "to": ["user@example.com"], "subject": "Test", "html": "<p>Hello</p>"}'

Security Best Practices

Never expose keys in client-side code — only use them server-side
Use environment variables — store keys in UNOSEND_API_KEY, not in source code
Rotate keys regularly — contact us if you need to regenerate your token
One key per service — request separate tokens for different apps so you can revoke independently

Error Responses

Status	Meaning
`401`	Missing or invalid API key
`403`	Key doesn’t have permission for this action

Sending EmailsLearn how to send different types of emails with Unosend, from simple messages to complex HTML emails with attachments.

​Getting Your Send Mail Token

​Using the Key

​Security Best Practices

​Error Responses

Getting Your Send Mail Token

Using the Key

Security Best Practices

Error Responses