Authentication
The MX18 Email Validation API uses the same authentication header name as the MX18 Mail Send APIs.
You need to acquire your unique Email Validation API Key from our support team.
Authentication method
All requests to the Email Validation API must include your MX18 API key in the request headers.
x-api-key: <YOUR_MX18_API_KEY>
-
API keys are scoped at the account level
-
Permissions and rate limits follow your existing MX18 plan
-
Requests without a valid API key will be rejected
Example request
curl -X POST https://validate.mx18.com/evapi/check-email \
-H 'x-api-key: <<your_api_key>>'
-H "Content-Type: application/json" \
-d '{
"email": "exampleuser@gmail.com"
}'
Security considerations
-
Never expose your API key in client-side applications
-
Rotate API keys periodically
-
Revoke compromised keys immediately from the MX18 dashboard
-
Always use HTTPS when making API requests
Data handling and privacy
-
Email addresses are validated in real time
-
No validation emails are sent to recipients
-
Validation data is processed transiently and not stored for marketing use
-
MX18 follows applicable data protection and privacy regulations
Common authentication errors
| HTTP Status | Description |
|---|---|
401 Unauthorized |
Missing or invalid API key |
403 Forbidden |
API key does not have access to this endpoint |
429 Too Many Requests |
Rate limit exceeded |
What’s next
-
Validate an Email – make your first validation request
-
Understanding the Response – interpret scores, trust bands, and insights
Need help? Contact Support or visit https://support.mx18.com