Programmable access to email monitoring
The dmarced API gives you programmatic access to everything the product can do. The app itself is built on this API, so anything you see in the interface — domain management, DMARC reports, DNS monitoring — is available for automation. You can use it to run your own checks, pull data into internal tools, or monitor large domains at scale.
Specification
The API is defined using the OpenAPI Specification. It's a structured format that lists every endpoint, the data it accepts, the data it returns, and how to authenticate. Most modern API tools understand this format, so you can explore or generate client code without any setup.
Endpoint
The production API is available at: https://api.dmarced.eu
A sandbox environment is also available for testing or pre-production work. Reach out if you’d like access.
API keys
While API access exist in dmarced today, managing API keys isn’t yet available directly in the app. If you’d like to add an API key, just reach out to support@dmarced.eu and we’ll take care of it for you. Self-serve API key management will be available in the future.
Authentication
The dmarced API uses Bearer tokens. Every request to a protected endpoint needs an Authorization header with a valid token.
A token has two parts:
- a token ID, starting with
pk_(e.g.,pk_zmh6pwusw1iw) - a token secret, starting with
sk_(e.g.,sk_nrAm8vY14wKiJsn9…)
They’re joined with a period (.) to form the full credentials string.
Treat your token like a password. Anyone with it can act on behalf of your team.