Scopes

Scopes restrict what an API key can do. If a key has no scopes, it is treated as having default send permissions for backward compatibility. Available scopes

Scope	Required for	Notes
send_email	POST `/api/v1/emails/*`	Includes `send` and `send-global`
read_sends	GET `/api/v1/sends/{id}`	Timeline access when using a key
preferences_read	GET `/api/v1/preferences`	When using an API key
preferences_manage	POST `/api/v1/preferences`	When using an API key

Best practices

Create separate keys per service with the minimum scopes
Rotate keys periodically and on exposure
Apply rate limits per key where appropriate

Authentication Idempotency

⌘I

API documentation

Endpoints