Get message
Retrieves the full message object including body, security analysis, and attachment metadata.
Authorization
BearerAuth API key passed as a Bearer token. Production keys start with
am_live_ and sandbox keys start with am_test_.
In: header
Path Parameters
The unique message ID (prefixed with msg_).
Response Body
application/json
application/json
application/json
application/json
curl -X GET "https://secureagentmail.com/api/v1/messages/string"{
"id": "msg_x7k9m2",
"inbox_id": "inb_abc123",
"thread_id": "thr_p4q8r1",
"direction": "inbound",
"from": "[email protected]",
"to": "[email protected]",
"subject": "Need help with billing",
"body": "string",
"body_sanitized": "string",
"status": "clean",
"security_analysis": {
"risk_score": 15,
"summary": "Low risk. Minor keyword match detected but no injection patterns found.",
"detections": [
{
"method": "dual_llm",
"result": "clean",
"detail": "Both models agree the content is benign.",
"confidence": 0.95
}
],
"triggered_policy": "pol_r2t5v8"
},
"has_attachments": false,
"created_at": "2026-02-25T10:15:00Z"
}{
"error": {
"code": "unauthorized",
"message": "Invalid or missing API key.",
"status": 401
}
}{
"error": {
"code": "not_found",
"message": "The requested resource was not found.",
"status": 404
}
}{
"error": {
"code": "rate_limited",
"message": "Rate limit exceeded. Please retry after 30 seconds.",
"status": 429
}
}Send message
Sends an outbound email from the inbox. Requires the inbox to have a security level of `guarded_send` or higher. - At `guarded_send` level the message is scanned and sent immediately if clean, returning `201`. - At `full_lockdown` level the message is withheld for human approval and the response is `202` with an embedded `approval` object.
Release withheld message
Releases a previously withheld message so it can be delivered. This is typically called after a human reviewer approves the message content.