Get an API key
Sign in and create a key in your API keys settings. The key is shown once and cannot be recovered, so copy it straight away. There is no separate sandbox key: the free tier gives you 100 verifies a month against the live API.
Export it as an environment variable so it never touches your code. Every example below reads ES_KEY from the environment and sends it in the X-API-Key header.
export ES_KEY="4f8c92a17b3d…"
Install the SDK
Pick your language. Each SDK is a thin wrapper over one HTTPS endpoint, all open source. If you would rather not add a dependency, curl works everywhere and needs nothing.
# node 18+ · ESM or CommonJS npm install @emailsherlock/node
# python 3.9+ pip install emailsherlock-sdk
# go 1.21+ go get github.com/Emailsherlock1/go
# php 8.1+ composer require emailsherlock/client
# no SDK needed, curl is enough curl --version
Run your first check
One address in, one result out, typically in under a second. The call on the right is complete and copy-paste ready. Swap the address for one of your own.
The body is a single field, email. The response is one result object with the verdict and every signal behind it. The same shape comes back from the batch endpoint, one per address.
curl https://api.emailsherlock.com/v1/verify/single \
-H "X-API-Key: $ES_KEY" \
-H "Content-Type: application/json" \
-d '{"email":"[email protected]"}'
import { Emailsherlock } from '@emailsherlock/node';
const es = new Emailsherlock(process.env.ES_KEY);
const result = await es.verify.single({ email: '[email protected]' });
from emailsherlock import Emailsherlock es = Emailsherlock(api_key=os.environ["ES_KEY"]) result = es.verify.single(email="[email protected]")
import emailsherlock "github.com/Emailsherlock1/go"
es := emailsherlock.New(os.Getenv("ES_KEY"))
result, err := es.Verify.Single(ctx, "[email protected]")
<?php
use Emailsherlock\Client;
$es = new Client(getenv('ES_KEY'));
$result = $es->verify->single(['email' => '[email protected]']);
{
"email": "[email protected]",
"result": "valid",
"mx": true,
"disposable": false,
"role": false,
"catch_all": false,
"score": 0.95,
"freshness": "fresh"
}
Read the result
The result field is the verdict. The booleans and the score are the signals behind it, so you can branch on whichever matters to your flow.
|
emailstringrequired
The address you sent.
|
|
resultstringrequired
The verdict for this address. One of valid invalid catch_all disposable role unknown.
|
|
mxbooleanrequired
The domain has reachable MX records.
|
|
disposablebooleanrequired
Throwaway / temporary-mail provider.
|
|
rolebooleanrequired
Role address such as info@ or sales@.
|
|
catch_allbooleanrequired
Host accepts mail for any local part.
|
|
scorenumber · nullable
0-1 confidence, higher is safer to send to.
|
|
freshnessstringrequired
How recent the underlying data is. One of fresh cached_recent cached_stale_refreshed.
|
Move to production
Your first call already hit the live API, so there is no key or endpoint to swap. Four things separate a demo from a production integration.
/v1/verify/batch429