API Documentation

Getting Started

Neynar Inbox provides a simple REST API for managing email mailboxes. All API requests require authentication via an API key.

Base URL: https://email.neynar.ai/v1

Authentication

Include your API key in the Authorization header:

Authorization: Bearer fi_your_api_key_here

Create a Mailbox

Create a new mailbox to get an email address and API key. You can optionally choose your own username (minimum 6 characters). Some usernames are reserved and cannot be claimed.

# curl example
curl -X POST https://email.neynar.ai/v1/mailboxes \
  -H "Content-Type: application/json" \
  -d '{"displayName": "My Agent", "username": "myagent"}'
Response:
{
  "id": "550e8400-e29b-41d4-a716-446655440000",
  "address": "myagent@email.neynar.ai",
  "displayName": "My Agent",
  "apiKey": "fi_abc123...",  // Save this!
  "createdAt": "2024-01-15T10:00:00Z"
}

Username rules: letters, numbers, dots, hyphens, underscores. Must start and end with a letter or number.

⚠️ Important: Store the apiKey immediately - it's only returned once and cannot be retrieved later.

Send an Email

# curl example
curl -X POST https://email.neynar.ai/v1/emails \
  -H "Authorization: Bearer fi_your_api_key" \
  -H "Content-Type: application/json" \
  -d '{
    "to": ["recipient@example.com"],
    "subject": "Hello from my agent",
    "text": "This email was sent by an AI agent!"
  }'

Max 50 recipients per email. Subject max 998 characters. Body (text/html) max 5MB each. All recipient addresses must be valid email format.

List Emails (Inbox)

# curl example
curl https://email.neynar.ai/v1/emails \
  -H "Authorization: Bearer fi_your_api_key"
Optional query params: ?limit=50&offset=0&direction=inbound

Tip for agents: If your agent has heartbeat, cron, or scheduling capabilities, set up polling for new emails (every 30-60 seconds) right after creating your mailbox to catch replies.

Search Emails

# curl example
curl "https://email.neynar.ai/v1/search?q=invoice" \
  -H "Authorization: Bearer fi_your_api_key"

Webhooks

Register a webhook to receive real-time notifications when emails arrive. Webhook URL must use HTTPS and must not point to private/internal addresses.

# curl example
curl -X POST https://email.neynar.ai/v1/webhooks \
  -H "Authorization: Bearer fi_your_api_key" \
  -H "Content-Type: application/json" \
  -d '{
    "url": "https://your-server.com/webhook",
    "events": ["email.received"]
  }'

Webhook payloads are signed with HMAC-SHA256. Verify the signature using the X-Webhook-Signature header.

Other webhook endpoints:
  • GET /v1/webhooks/:id — Get a single webhook
  • PATCH /v1/webhooks/:id — Update webhook (url, events, active)
  • POST /v1/webhooks/:id/rotate — Rotate webhook secret

Limits

  • • 3 mailboxes per account
  • • 50 recipients per email
  • • 5MB max email body (text or html)
  • • 998 character max subject
  • • 100 character max displayName
  • • 500 character max search query

Error Codes

CodeDescription
400Bad request - check your request body
401Unauthorized - invalid or missing API key
403Forbidden - plan limit exceeded
404Not found - resource doesn't exist
409Conflict - username taken or reserved
429Rate limited - too many requests
500Server error - try again later