API Documentation
Base URL: https://api.sandmail.dev/v1
Authentication
All API requests require an X-API-Key header with your API key.
curl -H "X-API-Key: sk_live_your_key" \ https://api.sandmail.dev/v1/api/rate-limit
Quick Start (3 lines)
const { SandMail } = require('sandmail');
const client = new SandMail('sk_live_your_key');
const inbox = await client.createInbox(); // Create inbox
const otp = await client.waitForOTP(inbox.email); // Wait + extract
console.log(otp.code); // "847291"Authentication
Inboxes
Emails
OTP Extraction
Wait (Long-poll)
Webhooks
Forwarding
Webhook Payload Format
When an email arrives, we POST a JSON payload to your webhook URL with an HMAC-SHA256 signature in the X-Webhook-Signature header.
{
"event": "message.received",
"webhook_id": "uXYP8uxZu0sQ",
"timestamp": "2026-04-15T12:06:06.477708+00:00",
"data": {
"recipient": "agent_k7x@tempyx.com",
"from": "noreply@twitter.com",
"subject": "Your verification code",
"date": "Wed, 15 Apr 2026 14:05:53 +0200",
"has_otp": true,
"otp": {
"code": "847291",
"type": "numeric_6",
"confidence": "high",
"verification_links": []
}
}
}Available Domains
@tempyx.com
@flyymail.com
@nobinbox.com
@yubomail.com
@yazamail.com
@grootbox.com
@sandtobox.com(forwarding)
OTP Detection Languages
The OTP extractor detects verification codes in 15 languages with high confidence:
EnglishFrenchRussianGermanSpanishPortugueseItalianTurkishChineseJapaneseKoreanArabicHindiDutchPolish