Developer Documentation
Comprehensive guides to using email.to's secure email platform for developers and administrators.
Getting Started
Create an Account
- 1 Visit contact form for free plan activation
- 2 Select your plan (free or premium)
- 3 Verify your email and start using secure email
Quick Start Code
// Example API request to send email
POST /api/v1/messages
Authorization: Bearer [YOUR_TOKEN]
Content-Type: application/json
{
"to": "recipient@example.com",
"subject": "Secure Communication",
"body": "This is an end-to-end encrypted message.",
"metadata": {
"priority": "high",
"category": "security"
}
}
API Reference
Authentication
All API requests require OAuth 2.0 Bearer tokens. Generate tokens in your account settings with specific scopes:
email.read- Read access to messagesemail.send- Send messagescontacts.manage- Manage contact list
Requests should include the Authorization: Bearer [TOKEN] header.
Token Lifecycle
• Initial token: 24h validity
• Refresh token: 7 days
• Automatic refresh when remaining lifetime < 15 min
• Revoke at any time through dashboard
Endpoints
| Endpoint | Method | Description |
|---|---|---|
| /api/v1/messages | POST | Send a new secure message |
| /api/v1/messages | GET | List all messages |
| /api/v1/messages/{id} | GET | Get message details |
| /api/v1/contacts | POST | Add contact |
Security Features
Data Protection
- AES-256 Encryption
- End-to-end encryption (E2EE) for premium plans
- Zero-knowledge password storage
Infrastructure Security
Network
Private global mesh network with hardware-accelerated encryption
Databases
Encrypted storage with automatic 256-bit key rotation
Key Management
HSM-protected key storage with strict IAM roles
Security Best Practices
- • Enable mandatory 2FA for all users
- • Regularly rotate API tokens
- • Monitor access logs via the dashboard
- • Use E2EE for sensitive data
- • Enable session expiration
- • Report security issues through our vulnerability program