API Reference
Email Verification API
Verify a single email address with one HTTP request. JSON response in under 2 seconds. 1 credit per call. Works from any language.
Quick start
Generate an API key from your dashboard, then make your first request:
# 1. Get your API key from the dashboard
# 2. Make your first request:
curl -X POST https://stopbouncing.com/api/v1/verify \
-H "Authorization: Bearer sb_your_api_key_here" \
-H "Content-Type: application/json" \
-d '{"email": "test@example.com"}'
# Expected response:
# { "email": "test@example.com", "status": "valid", "credits_remaining": 99 }Authentication
All requests require an Authorization header with your API key as a Bearer token. Never include your API key in client-side code.
Authorization: Bearer sb_your_api_key_hereGenerate and manage keys at /dashboard/api-keys. Keys can be labelled per environment and revoked instantly.
Verify endpoint
Single endpoint, two methods. Both return the same response.
/api/v1/verifyJSON body/api/v1/verify?email=...Query paramPOST — JSON body
| Parameter | Type | Required | Description |
|---|---|---|---|
| string | Yes | The email address to verify. |
curl -X POST https://stopbouncing.com/api/v1/verify \
-H "Authorization: Bearer sb_your_api_key_here" \
-H "Content-Type: application/json" \
-d '{"email": "jane.doe@acme.com"}'GET — query parameter
Useful for quick tests. URL-encode the email address.
curl "https://stopbouncing.com/api/v1/verify?email=jane.doe%40acme.com" \
-H "Authorization: Bearer sb_your_api_key_here"Response format
All responses are JSON. A 200 status means the verification completed — check the status field for the result.
✓ Valid
{
"email": "jane.doe@acme.com",
"status": "valid",
"credits_remaining": 9842
}✗ Invalid
{
"email": "nope@invaliddomain.xyz",
"status": "invalid",
"credits_remaining": 9841
}? Unknown
{
"email": "user@catchall-domain.com",
"status": "unknown",
"credits_remaining": 9840
}⚠ Disposable
{
"email": "temp123@mailinator.com",
"status": "disposable",
"credits_remaining": 9839
}👤 Role account
{
"email": "info@acme.com",
"status": "role",
"credits_remaining": 9838
}| Field | Type | Description |
|---|---|---|
| string | The email address that was verified. | |
| status | string | Verification result: valid, invalid, unknown, or disposable. |
| credits_remaining | integer | Your remaining credit balance after this request. |
Status values
| Status | Meaning & recommended action |
|---|---|
| valid | Mailbox exists and is accepting messages. Safe to send. |
| invalid | Address does not exist, bad syntax, or domain has no MX records. Remove from your list. |
| unknown | Cannot be confirmed — catch-all domain, SMTP-blocking provider, or temporary outage. Never treat as invalid. |
| disposable | Temporary / throw-away address (Mailinator, Guerrilla Mail, etc.). Typically inactive within hours. |
| role | Shared inbox address (info@, support@, no-reply@, etc.). Not tied to an individual — skip unless intentional. |
1 credit is charged for every request, regardless of the result. Why are unknown addresses not free?
HTTP status codes
| Code | Label | Meaning |
|---|---|---|
| 200 | OK | Verification completed. Check the status field. |
| 400 | Bad Request | Missing or malformed email parameter. |
| 401 | Unauthorized | Missing, malformed, or revoked API key. |
| 402 | Payment Required | Insufficient credits. Top up at /dashboard/billing. |
| 429 | Too Many Requests | Rate limit exceeded (60 req/min per key). See retry_after in response. |
| 502 | Bad Gateway | Verification provider error. Credit is automatically refunded. |
Rate limits
Each API key is limited to 60 requests per minute. The limit resets on a rolling 60-second window per key.
60
Requests / min
API key
Per
60s
Retry after
On hitting the limit you receive a 429 with:
{
"error": "Rate limit exceeded. Maximum 60 requests per minute per API key.",
"retry_after": 60
}Errors
All error responses share the same shape. Always check the HTTP status code first, then the error field for a human-readable message.
401 — Invalid API key
{
"error": "Invalid or revoked API key."
}402 — Insufficient credits
{
"error": "Insufficient credits. Please top up your account at stopbouncing.com/dashboard/billing.",
"credits_remaining": 0
}429 — Rate limit exceeded
{
"error": "Rate limit exceeded. Maximum 60 requests per minute per API key.",
"retry_after": 60
}Best practices
Never hard-code your API key
Use environment variables. Your key grants access to your credit balance — treat it like a password.
Handle unknown gracefully
Never discard unknown emails as invalid. They may be real. A safe approach: send to them once and monitor delivery; remove only on hard bounce.
Verify at the point of collection
For signup forms, verify the email immediately and block submission on invalid. This costs 1 credit but saves your sender reputation.
Implement retry logic for 502 errors
A 502 means the verification provider had a transient error — the credit is automatically refunded. Retry with exponential back-off. Treat 502 differently from 400/401.
Ready to integrate?
Create a free account and start verifying in minutes. 100 free verifications when you verify your email.