arrobaMail
Tutorial · Advanced

API v3 quickstart: from zero to your first send

The shortest path to sending your first campaign from your own code with arrobaMail's REST API v3: authenticate with JWT, add a contact, and send.

By Equipo editorial de arrobaMailPublished June 15, 202612 min6 steps

If you want to run arrobaMail from your own system — add contacts, send campaigns, pull stats — the way in is the REST API v3: JSON over HTTP, JWT authentication, no SDK required. This guide is the shortcut: three requests take you from zero to your first send.

From zero to first send · 3 calls

  1. 1POST/auth/getToken
  2. 2POST/lists/:id/subscribers
  3. 3POST/campaigns

Three HTTP requests and you're already sending. The full code — in curl, Node, PHP, and Python — is in the API quickstart.

Before you start

  • Your arrobaMail username and password (to get the token).
  • A verified sender with SPF/DKIM and a list already created.
  • Any HTTP client: curl, fetch, requests, Guzzle — whatever you use.

The 6 steps

  1. 1

    The plan: three requests

    Authenticate, add a contact, and send. That's the whole flow.

  2. 2

    Authenticate: the JWT token

    POST /auth/getToken returns the token that authorizes everything else.

  3. 3

    Get your sender and list ready

    The sender must be verified; the list must exist. Note down their IDs.

  4. 4

    Add a contact

    You add (or confirm) the subscriber who's going to receive the send.

  5. 5

    Send

    One call to /campaigns queues the send.

  6. 6

    Check the result and keep going in your language

    Query the outcome and grab ready-to-use code in curl, Node, PHP or Python.

1. The plan: three requests

The whole base integration comes down to three HTTP calls: authenticate (and save a token), add a contact to a list, and send. That's enough to be up and running. Later you can layer in stats queries, segmentation, and more — but this is the core.

The API's base URL is https://envios.arrobamail.com/v3/api/ (swap envios for the server assigned to your account).

2. Authenticate: the JWT token

Everything starts by requesting a token — a temporary pass that authorizes your calls:

POST /auth/getToken
Content-Type: application/json

{ "username": "your_username", "pass": "your_password", "rememberMe": true, "locale": "en" }

You get back a token. From here on, every protected call carries it in the header:

Authorization: Bearer {token}

Watch out: the field is pass, not password. And with rememberMe: true the token lasts up to 365 days (handy for production); set to false, it's short-lived — ideal for testing.

3. Get your sender and list ready

Before you can send, two things need to already exist in your account:

  • A verified sender. To send, the from address needs SPF/DKIM certification. If it doesn't have it, the API rejects the send. (You only verify it once — see verify your sender.)
  • A list. GET /lists returns your lists and their IDs. Note the destination list's ID — it's an encrypted string, not a number.

4. Add a contact

Add (or confirm) the subscriber who's going to receive it, in that list:

POST /lists/:id/subscribers
Authorization: Bearer {token}

{ "email": "[email protected]", "name": "Customer" }

Watch out: the contact needs to be in Active status. If your list uses double opt-in and the contact is stuck at Pending, it won't receive sends or trigger automations.

5. Send

The call that queues the send. Pass the name, subject, HTML, sender, and list:

POST /campaigns
Authorization: Bearer {token}

{ "campname": "My_first_send", "asunto": "Hello from the API",
  "html": "<h1>It works</h1>", "fromname": "Your Company",
  "frommail": "[email protected]", "listid": ["YOUR_LIST_ID"],
  "tracklinks": 1, "trackreads": 1 }

You get back an encid (the campaign's identifier). Save it — you'll need it to check on results.

6. Check the result and keep going in your language

Use the encid to see how it went:

GET /campaigns/{encid}/stats/subscriber-actions
Authorization: Bearer {token}

It tells you whether the email was delivered, opened, and clicked. And that's it — you've just integrated arrobaMail with your system.

This guide used pseudo-HTTP so the flow is easy to follow. The real, copy-paste-ready code in curl, Node, PHP or Python lives in the API quickstart (with per-language tabs), and every endpoint's full detail — all parameters and responses — is in the reference.

Common mistakes to avoid

  • Sending password instead of pass. The password field is pass. It's the number one stumbling block.
  • An unverified sender. If frommail isn't certified, the send gets rejected. Verify it first.
  • Treating listid as a number. It's an encrypted string. Pass it exactly as GET /lists returns it.
  • Forgetting the space in the header. It has to read exactly Authorization: Bearer {token}, with the space after Bearer.

Next steps

  1. Grab the code for your language in the API quickstart.
  2. Go deeper on each endpoint in the reference.
  3. To send individual, event-driven emails, check out sending transactional emails.

Get started with arrobaMail
in under 5 minutes.

Free plan, AI generations included, no credit card required — and real support from a real team.

Try it free now
WhatsAppOur team replies