SecureAgentMail

Send message

Sends an outbound email from the inbox. Requires the inbox to have a security level of `guarded_send` or higher. - At `guarded_send` level the message is scanned and sent immediately if clean, returning `201`. - At `full_lockdown` level the message is withheld for human approval and the response is `202` with an embedded `approval` object.

POST
/inboxes/{slug}/messages

Authorization

BearerAuth
AuthorizationBearer <token>

API key passed as a Bearer token. Production keys start with am_live_ and sandbox keys start with am_test_.

In: header

Path Parameters

slug*string

The unique slug identifier of the inbox.

Request Body

application/json

TypeScript Definitions

Use the request body type in TypeScript.

Response Body

application/json

application/json

application/json

application/json

application/json

application/json

application/json

application/json

application/json

curl -X POST "https://secureagentmail.com/api/v1/inboxes/string/messages" \  -H "Content-Type: application/json" \  -d '{    "to": "[email protected]",    "subject": "Re: Your support request #4521",    "body": "Hello, thank you for contacting us. Your issue has been resolved."  }'
{
  "id": "msg_x7k9m2",
  "inbox_id": "inb_abc123",
  "thread_id": "thr_p4q8r1",
  "direction": "inbound",
  "from": "[email protected]",
  "to": "[email protected]",
  "subject": "Need help with billing",
  "body": "string",
  "body_sanitized": "string",
  "status": "clean",
  "security_analysis": {
    "risk_score": 15,
    "summary": "Low risk. Minor keyword match detected but no injection patterns found.",
    "detections": [
      {
        "method": "dual_llm",
        "result": "clean",
        "detail": "Both models agree the content is benign.",
        "confidence": 0.95
      }
    ],
    "triggered_policy": "pol_r2t5v8"
  },
  "has_attachments": false,
  "created_at": "2026-02-25T10:15:00Z"
}
{
  "id": "msg_x7k9m2",
  "inbox_id": "inb_abc123",
  "thread_id": "thr_p4q8r1",
  "direction": "inbound",
  "from": "[email protected]",
  "to": "[email protected]",
  "subject": "Need help with billing",
  "body": "string",
  "body_sanitized": "string",
  "status": "clean",
  "security_analysis": {
    "risk_score": 15,
    "summary": "Low risk. Minor keyword match detected but no injection patterns found.",
    "detections": [
      {
        "method": "dual_llm",
        "result": "clean",
        "detail": "Both models agree the content is benign.",
        "confidence": 0.95
      }
    ],
    "triggered_policy": "pol_r2t5v8"
  },
  "has_attachments": false,
  "created_at": "2026-02-25T10:15:00Z",
  "approval": {
    "id": "apr_n3m8k1",
    "status": "pending",
    "expires_at": "2026-02-26T10:15:00Z"
  }
}
{
  "error": {
    "code": "unauthorized",
    "message": "Invalid or missing API key.",
    "status": 401
  }
}
{
  "error": {
    "code": "credits_exhausted",
    "message": "No credits remaining. Please upgrade your plan or wait for the next billing period.",
    "status": 402
  }
}
{
  "error": {
    "code": "level_insufficient",
    "message": "Sending messages requires security level 'guarded_send' or higher.",
    "status": 403
  }
}
{
  "error": {
    "code": "not_found",
    "message": "The requested resource was not found.",
    "status": 404
  }
}
{
  "error": {
    "code": "inbox_paused",
    "message": "This inbox is paused. Resume it before sending messages.",
    "status": 409
  }
}
{
  "error": {
    "code": "validation_error",
    "message": "The 'slug' field is required and must be a valid identifier.",
    "status": 422
  }
}
{
  "error": {
    "code": "rate_limited",
    "message": "Rate limit exceeded. Please retry after 30 seconds.",
    "status": 429
  }
}

List messages

Returns a paginated list of messages for the given inbox. Results can be filtered by status, direction, and a `since` timestamp.

Get message

Retrieves the full message object including body, security analysis, and attachment metadata.