Quickstart
One REST API - and MCP server - for sending, inboxes and forwarding. Create an inbox, send an email and verify a domain in about a minute.
Authentication
Every request to /v1 is authenticated with a bearer key in the Authorization header. Live keys start with sk_live_; test-mode keys start with sk_test_. The base URL is https://threadcamp.vercel.app/v1.
To try the API with no signup, use the public sandbox key sk_test_sandbox_threadcamp_public_demo. Every response carries an x-request-id header for support.
Authorization: Bearer sk_live_...
# base URL
https://threadcamp.vercel.app/v160-second quickstart
1. Create an inbox
curl https://threadcamp.vercel.app/v1/inboxes \
-H "Authorization: Bearer sk_test_sandbox_threadcamp_public_demo" \
-H "Content-Type: application/json" \
-d '{ "display_name": "Support Agent" }'
# -> 201
# { "id": "inbox_...", "object": "inbox",
# "address": "support-agent@in.threadcamp.com",
# "autonomy": "auto", "created_at": "..." }2. Send an email
curl https://threadcamp.vercel.app/v1/emails \
-H "Authorization: Bearer sk_test_sandbox_threadcamp_public_demo" \
-H "Content-Type: application/json" \
-d '{
"from": "support-agent@in.threadcamp.com",
"to": ["you@example.com"],
"subject": "Hello from ThreadCamp",
"text": "Sent in one call."
}'
# -> 201
# { "id": "msg_...", "object": "message", "status": "sent", ... }3. Add and verify a domain
# 1. Add the domain
curl https://threadcamp.vercel.app/v1/domains \
-H "Authorization: Bearer sk_live_..." \
-H "Content-Type: application/json" \
-d '{ "name": "acme-agents.email" }'
# -> 201 with dns_records: MX (receiving), TXT (spf),
# two CNAME (dkim), TXT (dmarc). Place them at your DNS host.
# 2. Verify once the records are live
curl -X POST https://threadcamp.vercel.app/v1/domains/dom_.../verify \
-H "Authorization: Bearer sk_live_..."
# -> { "id": "dom_...", "status": "verified", "verified_at": "..." }Core concepts
Inbox
A real, addressable mailbox created via POST /v1/inboxes. Free inboxes live on the shared in.threadcamp.com domain (reserved - activates at launch); verified custom domains host your own. Messages are listed per inbox and filterable by direction (inbound or outbound).
Autonomy policy
Per-inbox send behaviour: auto sends immediately, approve-first holds each send for human approval, and notify sends but labels the message for a human to see.
Route + SRS
A forwarding rule (POST /v1/routes): a catch-all (*@domain) or alias match, an action of forward, webhook, inbox or split, and a destination. SRS rewrites the envelope sender so SPF and DMARC survive the forward; it defaults on for forward actions.
Domain
A custom domain added via POST /v1/domains. The response includes the MX, SPF, DKIM and DMARC records to place; POST /v1/domains/:id/verify marks it verified so you can create inboxes and send from it.
Webhook signature
Registered endpoints receive HMAC-signed deliveries. The signature is sha256(secret + "." + body), sent in the x-threadcamp-signature header. The signing secret is returned once when you create the webhook.
Keep going
- API reference - every endpoint, request and response.
- MCP server - use ThreadCamp as agent tools.
- /openapi.json - the machine-readable spec.
- /llms.txt - the agent-facing site map.
Get a key and build.
Full API, MCP and webhooks on the free tier. No credit card.