Authentication

MX18 uses a secure, token-based authentication mechanism to validate all email sending requests — both via API and SMTP.

Getting your API token

An API token is automatically generated for your account at the time of signup.

You can view or regenerate it anytime via the MX18 web app:

Go to app.mx18.com
Navigate to Settings > API Keys
Copy your existing token or create a new one

⚠️ Treat your API token like a password. Keep it secret, do not share it publicly or commit it to source code repositories.

Using the token with mail send API

To send emails via API, you must include the token in the Authorization header for every request.

Endpoint

POST https://api.mx18.com/v1/mail/send

Authorization: Bearer YOUR_API_TOKEN Content-Type: application/json

Sample request

curl -X POST https://api.mx18.com/v1/mail/send \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
        "from": "hello@yourdomain.com",
        "to": ["user@example.com"],
        "subject": "Welcome!",
        "content": "Hello from MX18"
      }'

You must authenticate with a valid token and use only domains verified in your account.

Using the Token with SMTP The same API token can be used as the SMTP password for sending emails via standard mail clients.

SMTP configuration

SMTP Server: smtp.mx18.com
Port (STARTTLS): 587
Username: Your registered email address with MX18
Password: Your API token

Token usage guidelines

Your token is specific to your account

You can only send emails from verified sender domains
Unauthorized or expired tokens will result in a 401 Unauthorized error
Rotate tokens regularly for security

Need help?

If you're facing issues with your token:

Visit app.mx18.com/account-settings to regenerate your token
Check if your sending domain is verified
Reach out to our team at support@mx18.com