- Mailbox API – Authentication and Authorization
- Mailbox API – Schemas
- Mailbox API – Versioning
- Mailbox API – Account
- Mailbox API – Account Settings
- Mailbox API – Account Filters
- Mailbox API – Folders
- Mailbox API – Mails
- Mailbox API – Mails Create and Send
- Mailbox API – Mails Search
- Mailbox API – Mails Counters
- Mailbox API – Conversations
- Mailbox API – Labels
- Mailbox API – Contacts
- Mailbox API – Batch Operations
- Mailbox API – Undo
- Mailbox API – Error Handling
Auth Methods
The Axigen Mailbox-API supports the following authentication and authorization methods:
-
OAuth 2.0 with OpenID Connect – for both browser based applications and mobile / native apps
-
Basic Authentication – in case OAuth 2.0 and OpenID Connect is not available
Note that using OAuth 2.0 and OpenID Connect is strongly recommended as it is the most secure option.
2-Step Verification and Catpcha are supported only when using OAuth 2.0 and OpenID Connect if enabled by the Authorization Server.
Login
Request Headers
|
Name |
Required |
Values |
Description |
|---|---|---|---|
|
Authorization |
* |
|
“Basic” – used to authenticate against internal user authentication mechanism when OAuth 2.0 and OpenID Connect are not available “Bearer” – used to authenticate against an external authentication provider (such as OAuth 2.0 and OpenID Connect) |
Response
When successful, the endpoint returns the following JSON structure:
All subsequent API calls must use the same authentication method and include the session id in the X-Axigen-Session header.
Note that when using bearer token authorization, the username is unknown to Axigen until the token is validated against the external authentication provider.
In case the user can not be authenticated (i.e. wrong authentication credentials, invalid token, expired token, unknown user), the endpoint will reply back with 401 Unauthorized.