User guide

API reference


Managing your account

Postmark has a set of API endpoints built for managing account level features. Using the servers and sender signatures endpoints, users can:

  • create, read, edit, and delete sender signatures
  • create, read, edit, and delete servers
  • manage your DKIM setup
  • verify SPF entries

Authentication #

The API endpoints that you’ve used so far to send email or search messages have dealt with data that is server specific and thus have used the X-Postmark-Server-Token HTTP header for authentication. Sender signatures and servers belong to an account, so the account management API endpoints use a separate API token and HTTP header for authentication.

To use the account management API endpoints, you will need an Account API token. Only accessible by the account owner, you can find this on the API Tokens tab of your Postmark account. This token is used as the value for the X-Postmark-Account-TokenHTTP header. This HTTP header should be used as the authentication method for all account management API endpoints. If there is a problem with authentication, you will get an HTTP response with a status code of 401 (Unauthorized).