API keys

Create scoped API keys (live and test mode), list their metadata, and revoke them. Full secrets are shown exactly once.

Method  Path                Description
GET     /v1/api-keys        List API keys (metadata only — secrets never returned).
POST    /v1/api-keys        Create an API key (full secret shown once).
DELETE  /v1/api-keys/{id}   Revoke a key immediately (cannot be reactivated).

GET /v1/api-keys

Auth: Token + X-MailStack-Org

List API keys (metadata only — secrets never returned).

Response

[ { "id": "...", "name": "Production", "keyPrefix": "abc12xyz", "maskedKey": "ms_live_abc12xyz_••••", "scopes": ["emails:send"], "isActive": true } ]

POST /v1/api-keys

Auth: Token + X-MailStack-Org

Available scopes: emails:send, domains:read, templates:read, templates:write. The fullKey field in the response is the only time the secret is visible, so store it securely.

Request body

{ "name": "Production", "scopes": ["emails:send"], "expiresAt": null }

Response

{
  "key": { "id": "...", "name": "Production", "keyPrefix": "abc12xyz", "scopes": ["emails:send"] },
  "fullKey": "ms_live_abc12xyz_ZmFrZXNlY3JldA"
}

POST /v1/api-keys
curl https://api.mailstack.voostack.com/v1/api-keys \
  -H "Authorization: Bearer <jwt>" \
  -H "X-MailStack-Org: org_..." \
  -H "Content-Type: application/json" \
  -d '{ "name": "Production", "scopes": ["emails:send"] }'

DELETE /v1/api-keys/{id}

Auth: Token + X-MailStack-Org

Revoke a key immediately (cannot be reactivated).

Response

{ "status": "ok" }
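
Added example, not MailStack's own code: a log-redaction helper that rewrites any full key into the maskedKey form shown above and maps each hit's keyPrefix to the id needed for DELETE /v1/api-keys/{id}. The key layout (ms_<mode>_<keyPrefix>_<secret>), the ms_test_ prefix, the character classes, and the sample log lines and key id are assumptions or constructed values.

```javascript
// Added example, not MailStack code. Key layout is inferred from the one
// sample on this page: ms_<mode>_<keyPrefix>_<secret>. Assumptions: mode is
// "live" or "test", keyPrefix is 8 alphanumerics, secret is 8+ base64url chars.
const KEY_RE = /\bms_(live|test)_([A-Za-z0-9]{8})_([A-Za-z0-9_-]{8,})/g;

// Replace every full key in `text` with the masked form the API itself
// returns, and report which keys were seen (never the secret part).
function redactMailStackKeys(text) {
  const seen = new Map();
  const redacted = text.replace(KEY_RE, (_m, mode, keyPrefix) => {
    const id = `${mode}:${keyPrefix}`;
    const hit = seen.get(id) || { mode, keyPrefix, count: 0 };
    hit.count += 1;
    seen.set(id, hit);
    return `ms_${mode}_${keyPrefix}_••••`;
  });
  return { redacted, findings: [...seen.values()] };
}

// Join findings against the metadata from GET /v1/api-keys so a responder
// knows which id to pass to DELETE /v1/api-keys/{id}.
function keysToRevoke(findings, keyList) {
  return findings.map(({ mode, keyPrefix, count }) => {
    const key = keyList.find((k) => k.keyPrefix === keyPrefix);
    return {
      mode, keyPrefix, count,
      id: key ? key.id : null, // null: prefix not in this org's key list
      stillActive: key ? key.isActive === true : false,
    };
  });
}

// Constructed sample input: a log excerpt and a key listing (id is made up).
const sampleLog = [
  'POST /send auth="Bearer ms_live_abc12xyz_ZmFrZXNlY3JldA" 200',
  "retry with ms_live_abc12xyz_ZmFrZXNlY3JldA",
  "dashboard shows ms_live_abc12xyz_•••• (already masked)",
  "ci env MAILSTACK_KEY=ms_test_q9w8e7r6_c2FtcGxlLXRlc3Q",
].join("\n");
const sampleKeys = [
  { id: "key_example_1", name: "Production", keyPrefix: "abc12xyz", isActive: true },
];

const result = redactMailStackKeys(sampleLog);
console.log(result.redacted);
console.log(keysToRevoke(result.findings, sampleKeys));
```

Already-masked values are left alone because the bullet characters do not match the secret pattern, so only real exposures are reported.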

SDKs

Prefer a typed client? The API keys endpoints are covered by the official Node, .NET, Go, and Flutter/Dart SDKs.