No prior experience with Emailyze is required. You need only a valid email address to create an account and an API key to authenticate requests. The entire setup takes under five minutes.
Visit the Emailyze signup page and create an account using your work or personal email. After submitting the form, check your inbox for a verification link. Click the link to activate your account. Email verification ensures that only legitimate users receive API access and helps us prevent abuse. If you do not see the verification email, check your spam folder or request a new verification link from the dashboard.
Once your account is verified, log in to the Emailyze dashboard. Navigate to the API Keys section (typically under Settings or Account). Click Create API Key and give it a descriptive name such as "Production" or "Development." The dashboard will display your new API key exactly once. Copy it immediately and store it securely. Treat your API key like a password: never commit it to version control, share it publicly, or expose it in client-side code. If you lose your key, you can revoke it and create a new one from the dashboard.
You can verify that your API key works with a single curl command. The Emailyze API uses a simple REST interface. For a single email check, send a GET request to the /v1/check/ endpoint with the email query parameter. Authenticate by passing your API key in the X-API-Key header.
curl -H "X-API-Key: YOUR_API_KEY" \
"https://api.emailyze.xyz/v1/check/?email=test@tempmail.com"Replace YOUR_API_KEY with the key you created in Step 2. The example uses test@tempmail.com, a known disposable email address. You should receive a JSON response within a few hundred milliseconds.
The API returns a JSON object with several fields. The two most important for getting started are:
is_disposable — A boolean indicating whether the email domain is classified as disposable. For test@tempmail.com, this will be true. Use this field to block signups from disposable addresses or flag them for review.risk_score — A numeric value from 0 to 100 indicating the overall risk level. Higher scores suggest a greater likelihood that the address is disposable or high-risk. Domains with scores of 80 or above are typically considered high risk.A minimal success response looks like this:
{
"email": "test@tempmail.com",
"domain": "tempmail.com",
"is_disposable": true,
"provider_type": "disposable",
"risk_score": 95.0,
"mx_valid": true,
"checked_at": "2025-03-06T14:30:00.000Z",
"latency_ms": 42
}You can also pass a domain without a local part. For example, ?email=tempmail.com or ?email=@tempmail.com will return the same domain-level classification. The API normalizes input and returns consistent results.
For full email verification, including SMTP deliverability, add the verify=true query parameter:
curl -H "X-API-Key: YOUR_API_KEY" \
"https://api.emailyze.xyz/v1/check/?email=user@example.com&verify=true"This performs a live SMTP check to determine whether the mailbox can receive mail. It adds latency (typically 1–5 seconds) and is best used when you need to confirm that an address is deliverable, not just syntactically valid.
Emailyze supports two authentication methods:
1. Header — X-API-Key: your_api_key (recommended for server-side requests) 2. Query parameter — ?key=your_api_key (useful for download URLs or simple scripts)
Use the header method in production to avoid logging API keys in server access logs.
After your first successful request, you can:
verify parameter.POST /v1/check/batch/ to check up to 1,000 emails in one request. Ideal for list cleaning and bulk jobs.GET /v1/download/ to fetch the full disposable domain list as gzipped JSONL for on-premise or air-gapped deployments.The API is designed for low latency: most single checks complete in under 50 ms when the domain is cached. Batch requests are processed sequentially but benefit from internal caching. For high-volume use cases, consider the download endpoint to run lookups locally.
Many developers integrate Emailyze at the signup form. When a user submits an email, your backend calls the API before creating the account. If is_disposable is true or risk_score exceeds your threshold (e.g. 80), you can reject the signup or require additional verification. Another pattern is list cleaning: export your email list, run it through the batch API, and segment addresses by provider_type or risk_score before sending campaigns. The download endpoint suits applications that must operate without network access or that need to process millions of lookups without hitting API limits.
If your request fails with 401, verify that your API key is correct and active. Check for extra spaces or newlines when pasting the key. For 429 errors, you have exceeded the rate limit; wait a moment and retry, or upgrade your plan for higher limits. If you receive 400 with "Invalid email or domain format," ensure the input matches standard email syntax (local@domain.tld) or a valid domain. The API rejects empty strings, malformed addresses, and invalid characters.
The Emailyze API base URL is https://api.emailyze.xyz/v1/. The v1 prefix indicates the API version. We maintain backward compatibility within major versions; new fields may be added to responses, but existing fields will not be removed or changed in breaking ways without a new version. When we release v2, the v1 endpoints will continue to operate for a deprecation period.
Store your API key in an environment variable rather than hardcoding it. For example: EMAILYZE_API_KEY. In your application, read this variable and pass it in the X-API-Key header. This keeps secrets out of source control and simplifies rotation: update the variable and restart your service. For local development, use a .env file (and add it to .gitignore) or your shell profile.