Skip to content
Mumara

Developers

REST + SMTP. Build what you want.

Every customer-facing feature in Mumara is exposed via API. Build deeper integrations, internal tooling, multi-tenant workspaces, or full custom UIs on top.

Open API docs Get an API key

Hello, world

Send your first email in under a minute.

Pseudocode shape — see the docs for the live endpoint, auth headers, and full schema. 

curl https://api.mumara.com/v1/emails \
  -H "Authorization: Bearer $MUMARA_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "from":    "hello@yourdomain.com",
    "to":      ["customer@example.com"],
    "subject": "Welcome to YourBrand",
    "html":    "<h1>Hi 👋</h1>",
    "tags":    ["onboarding", "welcome"]
  }'

API surface

Every product surface, exposed.

  • Send

    Trigger transactional and marketing email or SMS via API. Idempotent, retry-safe, with structured error responses.

  • Contacts

    Create, read, update, and delete contacts. Bulk import endpoints for syncing from your own database.

  • Lists & segments

    Manage lists, save segments, query segment membership programmatically.

  • Templates

    Create and version email templates. Render with variables for transactional sends.

  • Automations

    Trigger automations from custom events; pause / resume / version programmatically.

  • Webhooks

    Subscribe to delivery, bounce, complaint, open, click, unsubscribe events. Retry-aware with HMAC signing.

  • Bridges

    Configure SMTP / API endpoints routed through dedicated IPs, IP pools, or external sending nodes.

  • Suppressions

    Read and write global, list, and program suppressions. Honour them across all sending automatically.

Transports

Pick the protocol that fits your stack.

REST API

JSON over HTTPS. API keys are scoped per workspace and rotatable.

SMTP relay

Drop-in SMTP for transactional integrations that already speak SMTP.

Webhooks

Inbound POST callbacks for every email and SMS event. Signed and idempotent.

Authentication & limits

Predictable auth, predictable limits.

  • Bearer-token auth

    API keys are scoped per workspace, rotatable, and revocable. Restrict by IP allowlist on enterprise plans.

  • Rate limits

    Per-key rate limits surfaced in response headers. Burst-friendly within plan limits; larger plans get larger windows.

  • Idempotency

    Send endpoints accept an idempotency key so you can safely retry without duplicating.

  • Webhooks signing

    Every webhook is signed with HMAC-SHA256 over the body and timestamp. Reject anything that fails verification.

Ready to build?

Spin up a free trial, generate a key, ship the first send. The full reference, schemas, and code samples live in the API docs.

Open API docs Get an API key