REST API Using the API

Conduit API

Conduit bridges inbound SMTP to outbound HTTP webhooks. This REST API manages accounts, sessions, webhooks, and domain ownership.

Version 1.0.0 https://conduit.email/api/v1

Group

System

General system endpoints

GET /api/v1/ping

Ping

Returns a simple status response to confirm the API is reachable. No authentication required.

operationId: ping
Responses
200
Service is up
application/json
PingResponse
curl -X GET "https://conduit.email/api/v1/ping"
200 — PingResponse
{
  "status": "string"
}

Group

Sessions

Authentication and session management

POST /api/v1/sessions

Sign in

operationId: createSession
Responses
200
Either a full session (access_token + refresh_token) or a TOTP challenge when 2FA is enabled on the account.
application/json
any
401
Invalid credentials
application/json
Error
{
  "email": "string",
  "password": "string"
}
curl -X POST "https://conduit.email/api/v1/sessions"
  -H "Content-Type: application/json"
  -d '{"email": "string","password": "string"}'
200 — any
"value"
401 — Error
{
  "code": "string",
  "error": "string"
}
DELETE /api/v1/sessions Auth

Sign out

operationId: deleteSession
Responses
204
Signed out
401
Unauthorized
application/json
Error
{
  "refresh_token": "string"
}
curl -X DELETE "https://conduit.email/api/v1/sessions"
  -H "Authorization: Bearer <token>"
  -H "Content-Type: application/json"
  -d '{"refresh_token": "string"}'
401 — Error
{
  "code": "string",
  "error": "string"
}
POST /api/v1/sessions/2fa

Complete sign-in with TOTP code

operationId: completeTOTPSession
Responses
200
Session tokens
application/json
SessionResponse
401
Invalid TOTP code or challenge token
application/json
Error
{
  "code": "string",
  "totp_token": "string"
}
curl -X POST "https://conduit.email/api/v1/sessions/2fa"
  -H "Content-Type: application/json"
  -d '{"code": "string","totp_token": "string"}'
200 — SessionResponse
{
  "access_token": "string",
  "expires_in": 0,
  "refresh_token": "string"
}
401 — Error
{
  "code": "string",
  "error": "string"
}
POST /api/v1/sessions/refresh

Refresh access token

operationId: refreshSession
Responses
200
New tokens issued
application/json
SessionResponse
401
Invalid or expired refresh token
application/json
Error
{
  "refresh_token": "string"
}
curl -X POST "https://conduit.email/api/v1/sessions/refresh"
  -H "Content-Type: application/json"
  -d '{"refresh_token": "string"}'
200 — SessionResponse
{
  "access_token": "string",
  "expires_in": 0,
  "refresh_token": "string"
}
401 — Error
{
  "code": "string",
  "error": "string"
}

Group

Account

Account management operations

POST /api/v1/accounts

Sign up

operationId: createAccount
Responses
201
Account created
application/json
AccountResponse
409
Email already registered
application/json
Error
422
Validation error
application/json
Error
{
  "email": "string",
  "password": "string"
}
curl -X POST "https://conduit.email/api/v1/accounts"
  -H "Content-Type: application/json"
  -d '{"email": "string","password": "string"}'
201 — AccountResponse
{
  "created_at": "2026-04-02T12:00:00Z",
  "email": "string",
  "id": "string",
  "timezone": "string",
  "updated_at": "2026-04-02T12:00:00Z"
}
409 — Error
{
  "code": "string",
  "error": "string"
}
422 — Error
{
  "code": "string",
  "error": "string"
}
GET /api/v1/accounts/me Auth

Get current account

operationId: getAccount
Responses
200
Account details
application/json
AccountResponse
401
Unauthorized
application/json
Error
curl -X GET "https://conduit.email/api/v1/accounts/me"
  -H "Authorization: Bearer <token>"
200 — AccountResponse
{
  "created_at": "2026-04-02T12:00:00Z",
  "email": "string",
  "id": "string",
  "timezone": "string",
  "updated_at": "2026-04-02T12:00:00Z"
}
401 — Error
{
  "code": "string",
  "error": "string"
}
DELETE /api/v1/accounts/me Auth

Delete account

operationId: deleteAccount
Responses
204
Account deleted
401
Unauthorized
application/json
Error
422
Validation error (confirm not set to true)
application/json
Error
{
  "confirm": true,
  "password": "string"
}
curl -X DELETE "https://conduit.email/api/v1/accounts/me"
  -H "Authorization: Bearer <token>"
  -H "Content-Type: application/json"
  -d '{"confirm": true,"password": "string"}'
401 — Error
{
  "code": "string",
  "error": "string"
}
422 — Error
{
  "code": "string",
  "error": "string"
}
GET /api/v1/accounts/me/audit-log Auth

List audit log entries

Returns the most recent account audit log entries in reverse chronological order. Entries are retained for 180 days.

operationId: listAuditLog
Parameters
limit optional integer query
Maximum number of entries to return (1–200, default 50).
minimum: 1 maximum: 200 default: 50
Responses
200
Audit log entries
application/json
array<AuditLogEntry>
401
Unauthorized
application/json
Error
curl -X GET "https://conduit.email/api/v1/accounts/me/audit-log"
  -H "Authorization: Bearer <token>"
200 — array<AuditLogEntry>
[
  {
    "action": "string",
    "created_at": "2026-04-02T12:00:00Z",
    "id": "string",
    "ip": "string",
    "metadata": {
      "key": "value"
    }
  }
]
401 — Error
{
  "code": "string",
  "error": "string"
}
PUT /api/v1/accounts/me/timezone Auth

Update timezone

operationId: updateTimezone
Responses
204
Timezone updated
401
Unauthorized
application/json
Error
422
Invalid timezone
application/json
Error
{
  "timezone": "string"
}
curl -X PUT "https://conduit.email/api/v1/accounts/me/timezone"
  -H "Authorization: Bearer <token>"
  -H "Content-Type: application/json"
  -d '{"timezone": "string"}'
401 — Error
{
  "code": "string",
  "error": "string"
}
422 — Error
{
  "code": "string",
  "error": "string"
}
POST /api/v1/accounts/me/password-reset

Request password reset

operationId: requestPasswordReset
Responses
202
Reset email sent (always returned; never reveals whether address exists)
{
  "email": "string"
}
curl -X POST "https://conduit.email/api/v1/accounts/me/password-reset"
  -H "Content-Type: application/json"
  -d '{"email": "string"}'
PUT /api/v1/accounts/me/password Auth

Change password

operationId: changePassword
Responses
204
Password changed. Refresh tokens and API access tokens are revoked when revoke_api_tokens=true.
401
Unauthorized
application/json
Error
422
Validation error
application/json
Error
{
  "current_password": "string",
  "new_password": "string",
  "revoke_api_tokens": true
}
curl -X PUT "https://conduit.email/api/v1/accounts/me/password"
  -H "Authorization: Bearer <token>"
  -H "Content-Type: application/json"
  -d '{"current_password": "string","new_password": "string","revoke_api_tokens": true}'
401 — Error
{
  "code": "string",
  "error": "string"
}
422 — Error
{
  "code": "string",
  "error": "string"
}
PUT /api/v1/accounts/me/password-reset

Confirm password reset

operationId: confirmPasswordReset
Responses
204
Password reset successful. Refresh tokens and API access tokens are revoked.
401
Token invalid or expired
application/json
Error
422
Validation error
application/json
Error
{
  "new_password": "string",
  "token": "string"
}
curl -X PUT "https://conduit.email/api/v1/accounts/me/password-reset"
  -H "Content-Type: application/json"
  -d '{"new_password": "string","token": "string"}'
401 — Error
{
  "code": "string",
  "error": "string"
}
422 — Error
{
  "code": "string",
  "error": "string"
}

Group

Domains

Domain management operations

GET /api/v1/domains Auth

List domains

operationId: listDomains
Responses
200
List of domains
application/json
array<DomainResponse>
401
Unauthorized
application/json
Error
curl -X GET "https://conduit.email/api/v1/domains"
  -H "Authorization: Bearer <token>"
200 — array<DomainResponse>
[
  {
    "account_id": "string",
    "created_at": "2026-04-02T12:00:00Z",
    "id": "string",
    "is_public": true,
    "name": "string",
    "updated_at": "2026-04-02T12:00:00Z",
    "verification_token": "string",
    "verified": true
  }
]
401 — Error
{
  "code": "string",
  "error": "string"
}
POST /api/v1/domains Auth

Claim a domain

operationId: createDomainClaim
Responses
201
Domain claimed
application/json
DomainResponse
401
Unauthorized
application/json
Error
409
Domain already claimed
application/json
Error
422
Invalid domain name
application/json
Error
{
  "name": "string"
}
curl -X POST "https://conduit.email/api/v1/domains"
  -H "Authorization: Bearer <token>"
  -H "Content-Type: application/json"
  -d '{"name": "string"}'
201 — DomainResponse
{
  "account_id": "string",
  "created_at": "2026-04-02T12:00:00Z",
  "id": "string",
  "is_public": true,
  "name": "string",
  "updated_at": "2026-04-02T12:00:00Z",
  "verification_token": "string",
  "verified": true
}
401 — Error
{
  "code": "string",
  "error": "string"
}
409 — Error
{
  "code": "string",
  "error": "string"
}
422 — Error
{
  "code": "string",
  "error": "string"
}
GET /api/v1/domains/{id} Auth

Get domain

operationId: getDomain
Parameters
id required string path
Domain ID
Responses
200
Domain details
application/json
DomainResponse
401
Unauthorized
application/json
Error
404
Not found
application/json
Error
curl -X GET "https://conduit.email/api/v1/domains/{id}"
  -H "Authorization: Bearer <token>"
200 — DomainResponse
{
  "account_id": "string",
  "created_at": "2026-04-02T12:00:00Z",
  "id": "string",
  "is_public": true,
  "name": "string",
  "updated_at": "2026-04-02T12:00:00Z",
  "verification_token": "string",
  "verified": true
}
401 — Error
{
  "code": "string",
  "error": "string"
}
404 — Error
{
  "code": "string",
  "error": "string"
}
DELETE /api/v1/domains/{id} Auth

Delete domain

operationId: deleteDomain
Parameters
id required string path
Domain ID
Responses
204
Domain deleted
401
Unauthorized
application/json
Error
404
Not found
application/json
Error
curl -X DELETE "https://conduit.email/api/v1/domains/{id}"
  -H "Authorization: Bearer <token>"
401 — Error
{
  "code": "string",
  "error": "string"
}
404 — Error
{
  "code": "string",
  "error": "string"
}
POST /api/v1/domains/{id}/verify Auth

Trigger DNS verification for a domain (TXT ownership token + MX record)

Performs two DNS checks before marking the domain as verified: 1. A TXT lookup under `_conduit-verify.<domain>` must return the domain's verification token. 2. An MX lookup for `<domain>` must return a record pointing to `mx.conduit.email` (priority 10). Both records must be in place before calling this endpoint. If either check fails a `422` is returned.

operationId: verifyDomain
Parameters
id required string path
Domain ID
Responses
200
Domain verified
application/json
DomainResponse
401
Unauthorized
application/json
Error
404
Not found
application/json
Error
422
DNS TXT record or MX record not found or does not match
application/json
Error
curl -X POST "https://conduit.email/api/v1/domains/{id}/verify"
  -H "Authorization: Bearer <token>"
200 — DomainResponse
{
  "account_id": "string",
  "created_at": "2026-04-02T12:00:00Z",
  "id": "string",
  "is_public": true,
  "name": "string",
  "updated_at": "2026-04-02T12:00:00Z",
  "verification_token": "string",
  "verified": true
}
401 — Error
{
  "code": "string",
  "error": "string"
}
404 — Error
{
  "code": "string",
  "error": "string"
}
422 — Error
{
  "code": "string",
  "error": "string"
}

Group

SMTP Policies

SMTP security policy management

GET /api/v1/smtp-policies Auth

List SMTP security policies

operationId: listSmtpSecurityPolicies
Responses
200
List of SMTP security policies
application/json
array<SmtpSecurityPolicyResponse>
401
Unauthorized
application/json
Error
curl -X GET "https://conduit.email/api/v1/smtp-policies"
  -H "Authorization: Bearer <token>"
200 — array<SmtpSecurityPolicyResponse>
[
  {
    "allowed_dkim_domains": "string",
    "allowed_source_ips": "string",
    "allowed_spf_domains": "string",
    "created_at": "2026-04-02T12:00:00Z",
    "id": "string",
    "name": "string",
    "require_dkim": true,
    "require_smtp_auth": true,
    "require_spf": true,
    "smtp_credentials": "string",
    "updated_at": "2026-04-02T12:00:00Z"
  }
]
401 — Error
{
  "code": "string",
  "error": "string"
}
POST /api/v1/smtp-policies Auth

Create SMTP security policy

operationId: createSmtpSecurityPolicy
Responses
201
Policy created
application/json
SmtpSecurityPolicyResponse
401
Unauthorized
application/json
Error
422
Validation error
application/json
Error
{
  "allowed_dkim_domains": "string",
  "allowed_source_ips": "string",
  "allowed_spf_domains": "string",
  "name": "string",
  "require_dkim": true,
  "require_smtp_auth": true,
  "require_spf": true,
  "smtp_credentials": "string"
}
curl -X POST "https://conduit.email/api/v1/smtp-policies"
  -H "Authorization: Bearer <token>"
  -H "Content-Type: application/json"
  -d '{"allowed_dkim_domains": "string","allowed_source_ips": "string","allowed_spf_domains": "string","name": "string","require_dkim": true,"require_smtp_auth": true,"require_spf": true,"smtp_credentials": "string"}'
201 — SmtpSecurityPolicyResponse
{
  "allowed_dkim_domains": "string",
  "allowed_source_ips": "string",
  "allowed_spf_domains": "string",
  "created_at": "2026-04-02T12:00:00Z",
  "id": "string",
  "name": "string",
  "require_dkim": true,
  "require_smtp_auth": true,
  "require_spf": true,
  "smtp_credentials": "string",
  "updated_at": "2026-04-02T12:00:00Z"
}
401 — Error
{
  "code": "string",
  "error": "string"
}
422 — Error
{
  "code": "string",
  "error": "string"
}
GET /api/v1/smtp-policies/{id} Auth

Get SMTP security policy

operationId: getSmtpSecurityPolicy
Parameters
id required string path
SMTP security policy ID
Responses
200
Policy details
application/json
SmtpSecurityPolicyResponse
401
Unauthorized
application/json
Error
404
Not found
application/json
Error
curl -X GET "https://conduit.email/api/v1/smtp-policies/{id}"
  -H "Authorization: Bearer <token>"
200 — SmtpSecurityPolicyResponse
{
  "allowed_dkim_domains": "string",
  "allowed_source_ips": "string",
  "allowed_spf_domains": "string",
  "created_at": "2026-04-02T12:00:00Z",
  "id": "string",
  "name": "string",
  "require_dkim": true,
  "require_smtp_auth": true,
  "require_spf": true,
  "smtp_credentials": "string",
  "updated_at": "2026-04-02T12:00:00Z"
}
401 — Error
{
  "code": "string",
  "error": "string"
}
404 — Error
{
  "code": "string",
  "error": "string"
}
PUT /api/v1/smtp-policies/{id} Auth

Update SMTP security policy

operationId: updateSmtpSecurityPolicy
Parameters
id required string path
SMTP security policy ID
Responses
200
Updated policy
application/json
SmtpSecurityPolicyResponse
401
Unauthorized
application/json
Error
404
Not found
application/json
Error
422
Validation error
application/json
Error
{
  "allowed_dkim_domains": "string",
  "allowed_source_ips": "string",
  "allowed_spf_domains": "string",
  "name": "string",
  "require_dkim": true,
  "require_smtp_auth": true,
  "require_spf": true,
  "smtp_credentials": "string"
}
curl -X PUT "https://conduit.email/api/v1/smtp-policies/{id}"
  -H "Authorization: Bearer <token>"
  -H "Content-Type: application/json"
  -d '{"allowed_dkim_domains": "string","allowed_source_ips": "string","allowed_spf_domains": "string","name": "string","require_dkim": true,"require_smtp_auth": true,"require_spf": true,"smtp_credentials": "string"}'
200 — SmtpSecurityPolicyResponse
{
  "allowed_dkim_domains": "string",
  "allowed_source_ips": "string",
  "allowed_spf_domains": "string",
  "created_at": "2026-04-02T12:00:00Z",
  "id": "string",
  "name": "string",
  "require_dkim": true,
  "require_smtp_auth": true,
  "require_spf": true,
  "smtp_credentials": "string",
  "updated_at": "2026-04-02T12:00:00Z"
}
401 — Error
{
  "code": "string",
  "error": "string"
}
404 — Error
{
  "code": "string",
  "error": "string"
}
422 — Error
{
  "code": "string",
  "error": "string"
}
DELETE /api/v1/smtp-policies/{id} Auth

Delete SMTP security policy

operationId: deleteSmtpSecurityPolicy
Parameters
id required string path
SMTP security policy ID
Responses
204
Policy deleted
401
Unauthorized
application/json
Error
404
Not found
application/json
Error
curl -X DELETE "https://conduit.email/api/v1/smtp-policies/{id}"
  -H "Authorization: Bearer <token>"
401 — Error
{
  "code": "string",
  "error": "string"
}
404 — Error
{
  "code": "string",
  "error": "string"
}

Group

Webhooks

Webhook management and delivery logs

GET /api/v1/webhooks Auth

List webhooks

operationId: listWebhooks
Responses
200
List of webhooks
application/json
array<WebhookResponse>
401
Unauthorized
application/json
Error
curl -X GET "https://conduit.email/api/v1/webhooks"
  -H "Authorization: Bearer <token>"
200 — array<WebhookResponse>
[
  {
    "active": true,
    "address": "string",
    "created_at": "2026-04-02T12:00:00Z",
    "custom_headers": {
      "key": "value"
    },
    "id": "string",
    "name": "string",
    "payload_template": "string",
    "rate_limit": 0,
    "secret": "string",
    "smtp_security_policy_id": "string",
    "target_url": "string",
    "updated_at": "2026-04-02T12:00:00Z"
  }
]
401 — Error
{
  "code": "string",
  "error": "string"
}
POST /api/v1/webhooks Auth

Create webhook

operationId: createWebhook
Responses
201
Webhook created (includes secret)
application/json
WebhookResponse
401
Unauthorized
application/json
Error
409
Address already registered
application/json
Error
422
Validation error
application/json
Error
{
  "active": true,
  "address": "string",
  "custom_headers": {
    "key": "value"
  },
  "name": "string",
  "payload_template": "string",
  "rate_limit": 0,
  "secret": "string",
  "smtp_security_policy_id": "string",
  "target_url": "string"
}
curl -X POST "https://conduit.email/api/v1/webhooks"
  -H "Authorization: Bearer <token>"
  -H "Content-Type: application/json"
  -d '{"active": true,"address": "string","custom_headers": {"key": "value"},"name": "string","payload_template": "string","rate_limit": 0,"secret": "string","smtp_security_policy_id": "string","target_url": "string"}'
201 — WebhookResponse
{
  "active": true,
  "address": "string",
  "created_at": "2026-04-02T12:00:00Z",
  "custom_headers": {
    "key": "value"
  },
  "id": "string",
  "name": "string",
  "payload_template": "string",
  "rate_limit": 0,
  "secret": "string",
  "smtp_security_policy_id": "string",
  "target_url": "string",
  "updated_at": "2026-04-02T12:00:00Z"
}
401 — Error
{
  "code": "string",
  "error": "string"
}
409 — Error
{
  "code": "string",
  "error": "string"
}
422 — Error
{
  "code": "string",
  "error": "string"
}
GET /api/v1/webhooks/{id} Auth

Get webhook

operationId: getWebhook
Parameters
id required string path
Webhook ID
Responses
200
Webhook details
application/json
WebhookResponse
401
Unauthorized
application/json
Error
404
Not found
application/json
Error
curl -X GET "https://conduit.email/api/v1/webhooks/{id}"
  -H "Authorization: Bearer <token>"
200 — WebhookResponse
{
  "active": true,
  "address": "string",
  "created_at": "2026-04-02T12:00:00Z",
  "custom_headers": {
    "key": "value"
  },
  "id": "string",
  "name": "string",
  "payload_template": "string",
  "rate_limit": 0,
  "secret": "string",
  "smtp_security_policy_id": "string",
  "target_url": "string",
  "updated_at": "2026-04-02T12:00:00Z"
}
401 — Error
{
  "code": "string",
  "error": "string"
}
404 — Error
{
  "code": "string",
  "error": "string"
}
PUT /api/v1/webhooks/{id} Auth

Update webhook

operationId: updateWebhook
Parameters
id required string path
Webhook ID
Responses
200
Updated webhook
application/json
WebhookResponse
401
Unauthorized
application/json
Error
404
Not found
application/json
Error
409
Address already registered
application/json
Error
422
Validation error
application/json
Error
{
  "active": true,
  "address": "string",
  "clear_security_policy": true,
  "custom_headers": {
    "key": "value"
  },
  "name": "string",
  "payload_template": "string",
  "rate_limit": 0,
  "secret": "string",
  "smtp_security_policy_id": "string",
  "target_url": "string"
}
curl -X PUT "https://conduit.email/api/v1/webhooks/{id}"
  -H "Authorization: Bearer <token>"
  -H "Content-Type: application/json"
  -d '{"active": true,"address": "string","clear_security_policy": true,"custom_headers": {"key": "value"},"name": "string","payload_template": "string","rate_limit": 0,"secret": "string","smtp_security_policy_id": "string","target_url": "string"}'
200 — WebhookResponse
{
  "active": true,
  "address": "string",
  "created_at": "2026-04-02T12:00:00Z",
  "custom_headers": {
    "key": "value"
  },
  "id": "string",
  "name": "string",
  "payload_template": "string",
  "rate_limit": 0,
  "secret": "string",
  "smtp_security_policy_id": "string",
  "target_url": "string",
  "updated_at": "2026-04-02T12:00:00Z"
}
401 — Error
{
  "code": "string",
  "error": "string"
}
404 — Error
{
  "code": "string",
  "error": "string"
}
409 — Error
{
  "code": "string",
  "error": "string"
}
422 — Error
{
  "code": "string",
  "error": "string"
}
DELETE /api/v1/webhooks/{id} Auth

Delete webhook

operationId: deleteWebhook
Parameters
id required string path
Webhook ID
Responses
204
Webhook deleted
401
Unauthorized
application/json
Error
404
Not found
application/json
Error
curl -X DELETE "https://conduit.email/api/v1/webhooks/{id}"
  -H "Authorization: Bearer <token>"
401 — Error
{
  "code": "string",
  "error": "string"
}
404 — Error
{
  "code": "string",
  "error": "string"
}
GET /api/v1/webhooks/{id}/logs Auth

List delivery logs for a webhook

operationId: listDeliveryLogs
Parameters
id required string path
Webhook ID
page optional integer query
Page number (1-based)
page_size optional integer query
Number of results per page
Responses
200
List of delivery logs
application/json
array<DeliveryLogResponse>
401
Unauthorized
application/json
Error
404
Webhook not found
application/json
Error
curl -X GET "https://conduit.email/api/v1/webhooks/{id}/logs"
  -H "Authorization: Bearer <token>"
200 — array<DeliveryLogResponse>
[
  {
    "attempted_at": "2026-04-02T12:00:00Z",
    "duration_ms": 0,
    "error": "string",
    "http_status": 0,
    "id": "string",
    "sender": "string",
    "simulated": true,
    "smtp_message_id": "string",
    "webhook_id": "string"
  }
]
401 — Error
{
  "code": "string",
  "error": "string"
}
404 — Error
{
  "code": "string",
  "error": "string"
}
POST /api/v1/webhooks/{id}/simulate Auth

Simulate an incoming email and trigger the webhook

Constructs a synthetic email message and delivers it to the webhook target, recording the result in the delivery log with a simulated flag.

operationId: simulateWebhook
Parameters
id required string path
Webhook ID
Responses
200
Delivery attempt completed (check http_status / error for outcome)
application/json
SimulateWebhookResponse
401
Unauthorized
application/json
Error
404
Webhook not found
application/json
Error
{
  "from": "string",
  "subject": "string",
  "text": "string"
}
curl -X POST "https://conduit.email/api/v1/webhooks/{id}/simulate"
  -H "Authorization: Bearer <token>"
  -H "Content-Type: application/json"
  -d '{"from": "string","subject": "string","text": "string"}'
200 — SimulateWebhookResponse
{
  "duration_ms": 0,
  "error": "string",
  "http_status": 0,
  "simulated": true
}
401 — Error
{
  "code": "string",
  "error": "string"
}
404 — Error
{
  "code": "string",
  "error": "string"
}
GET /api/v1/webhooks/{id}/logs/{logId} Auth

Get a single delivery log entry

operationId: getDeliveryLog
Parameters
id required string path
Webhook ID
logId required string path
Delivery log entry ID
Responses
200
Delivery log entry
application/json
DeliveryLogResponse
401
Unauthorized
application/json
Error
404
Not found
application/json
Error
curl -X GET "https://conduit.email/api/v1/webhooks/{id}/logs/{logId}"
  -H "Authorization: Bearer <token>"
200 — DeliveryLogResponse
{
  "attempted_at": "2026-04-02T12:00:00Z",
  "duration_ms": 0,
  "error": "string",
  "http_status": 0,
  "id": "string",
  "sender": "string",
  "simulated": true,
  "smtp_message_id": "string",
  "webhook_id": "string"
}
401 — Error
{
  "code": "string",
  "error": "string"
}
404 — Error
{
  "code": "string",
  "error": "string"
}

Group

2FA

Two-factor authentication

DELETE /api/v1/accounts/me/2fa Auth

Disable TOTP two-factor authentication

operationId: disableTOTP
Responses
204
TOTP disabled
401
Invalid TOTP code
application/json
Error
422
TOTP not enabled
application/json
Error
{
  "code": "string"
}
curl -X DELETE "https://conduit.email/api/v1/accounts/me/2fa"
  -H "Authorization: Bearer <token>"
  -H "Content-Type: application/json"
  -d '{"code": "string"}'
401 — Error
{
  "code": "string",
  "error": "string"
}
422 — Error
{
  "code": "string",
  "error": "string"
}
POST /api/v1/accounts/me/2fa/backup-codes Auth

Regenerate TOTP backup codes

operationId: regenerateBackupCodes
Responses
200
New backup codes
application/json
BackupCodesResponse
401
Invalid TOTP code
application/json
Error
422
TOTP not enabled
application/json
Error
{
  "code": "string"
}
curl -X POST "https://conduit.email/api/v1/accounts/me/2fa/backup-codes"
  -H "Authorization: Bearer <token>"
  -H "Content-Type: application/json"
  -d '{"code": "string"}'
200 — BackupCodesResponse
{
  "backup_codes": [
    "string"
  ]
}
401 — Error
{
  "code": "string",
  "error": "string"
}
422 — Error
{
  "code": "string",
  "error": "string"
}
POST /api/v1/accounts/me/2fa/enable Auth

Enable TOTP two-factor authentication

operationId: enableTOTP
Responses
200
TOTP enabled; backup codes returned
application/json
BackupCodesResponse
401
Invalid TOTP code
application/json
Error
409
TOTP already enabled
application/json
Error
422
TOTP not set up yet
application/json
Error
{
  "code": "string"
}
curl -X POST "https://conduit.email/api/v1/accounts/me/2fa/enable"
  -H "Authorization: Bearer <token>"
  -H "Content-Type: application/json"
  -d '{"code": "string"}'
200 — BackupCodesResponse
{
  "backup_codes": [
    "string"
  ]
}
401 — Error
{
  "code": "string",
  "error": "string"
}
409 — Error
{
  "code": "string",
  "error": "string"
}
422 — Error
{
  "code": "string",
  "error": "string"
}
POST /api/v1/accounts/me/2fa/setup Auth

Set up TOTP two-factor authentication

operationId: setupTOTP
Responses
200
TOTP setup details
application/json
SetupTOTPResponse
401
Unauthorized
application/json
Error
curl -X POST "https://conduit.email/api/v1/accounts/me/2fa/setup"
  -H "Authorization: Bearer <token>"
200 — SetupTOTPResponse
{
  "otpauth_url": "string",
  "qr_code_png": "string",
  "secret": "string"
}
401 — Error
{
  "code": "string",
  "error": "string"
}

Group

API Tokens

Long-lived API token management

GET /api/v1/accounts/me/api-tokens Auth

List API tokens

operationId: listAPITokens
Responses
200
List of API tokens
application/json
array<APITokenResponse>
401
Unauthorized
application/json
Error
curl -X GET "https://conduit.email/api/v1/accounts/me/api-tokens"
  -H "Authorization: Bearer <token>"
200 — array<APITokenResponse>
[
  {
    "allowed_ips": [
      "string"
    ],
    "created_at": "2026-04-02T12:00:00Z",
    "expires_at": "2026-04-02T12:00:00Z",
    "id": "string",
    "last_used_at": "2026-04-02T12:00:00Z",
    "name": "string",
    "token": "string"
  }
]
401 — Error
{
  "code": "string",
  "error": "string"
}
POST /api/v1/accounts/me/api-tokens Auth

Create an API token

operationId: createAPIToken
Responses
201
Token created
application/json
APITokenResponse
401
Unauthorized
application/json
Error
422
Validation error
application/json
Error
{
  "allowed_ips": [
    "string"
  ],
  "expires_in": 0,
  "name": "string"
}
curl -X POST "https://conduit.email/api/v1/accounts/me/api-tokens"
  -H "Authorization: Bearer <token>"
  -H "Content-Type: application/json"
  -d '{"allowed_ips": ["string"],"expires_in": 0,"name": "string"}'
201 — APITokenResponse
{
  "allowed_ips": [
    "string"
  ],
  "created_at": "2026-04-02T12:00:00Z",
  "expires_at": "2026-04-02T12:00:00Z",
  "id": "string",
  "last_used_at": "2026-04-02T12:00:00Z",
  "name": "string",
  "token": "string"
}
401 — Error
{
  "code": "string",
  "error": "string"
}
422 — Error
{
  "code": "string",
  "error": "string"
}
DELETE /api/v1/accounts/me/api-tokens/{id} Auth

Revoke an API token

operationId: deleteAPIToken
Parameters
id required string path
Responses
204
Token revoked
401
Unauthorized
application/json
Error
404
Not found
application/json
Error
curl -X DELETE "https://conduit.email/api/v1/accounts/me/api-tokens/{id}"
  -H "Authorization: Bearer <token>"
401 — Error
{
  "code": "string",
  "error": "string"
}
404 — Error
{
  "code": "string",
  "error": "string"
}