{
  "info": {
    "name": "trustyourinbox API",
    "description": "The public trustyourinbox REST API. Set the `apiKey` collection variable to your workspace API key (mint one at app.trustyourinbox.com under Settings, Integrations, API keys; Pro plan and up) and every request sends it as a bearer token. Generated from the published OpenAPI spec.",
    "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
  },
  "auth": {
    "type": "bearer",
    "bearer": [
      {
        "key": "token",
        "value": "{{apiKey}}",
        "type": "string"
      }
    ]
  },
  "variable": [
    {
      "key": "baseUrl",
      "value": "https://api.trustyourinbox.com",
      "type": "string"
    },
    {
      "key": "apiKey",
      "value": "",
      "type": "string"
    }
  ],
  "item": [
    {
      "name": "Domains",
      "item": [
        {
          "name": "List the domains in the workspace (public REST API)",
          "request": {
            "method": "GET",
            "header": [],
            "url": {
              "raw": "{{baseUrl}}/v1/domains",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "v1",
                "domains"
              ]
            },
            "description": "Public REST API. Served at https://api.trustyourinbox.com/v1/domains (the api host rewrites /v1/* to /api/v1/*). Bearer API key; read scope; scoped to the key's workspace. Rate-limited (120/60s per key)."
          }
        },
        {
          "name": "Add a domain to the workspace (public REST API, write)",
          "request": {
            "method": "POST",
            "header": [
              {
                "key": "Content-Type",
                "value": "application/json"
              },
              {
                "key": "Idempotency-Key",
                "value": "1f2e3d4c-5b6a-7c8d-9e0f-a1b2c3d4e5f6",
                "disabled": true,
                "description": "Optional: a retry with the same value replays the original response."
              }
            ],
            "url": {
              "raw": "{{baseUrl}}/v1/domains",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "v1",
                "domains"
              ]
            },
            "description": "Public REST API (api.trustyourinbox.com/v1). Bearer API key; WRITE scope (the key carries `write` AND the creator's live role allows edits). Reuses the same add-domain core the dashboard uses - validation, the plan domain cap, the AUP gate, provider detection, insert, and audit. Honors an optional Idempotency-Key header (a retry replays the created domain). Audited \"via API key X\".",
            "body": {
              "mode": "raw",
              "raw": "{\n  \"name\": \"acme.com\",\n  \"purpose\": \"sending\"\n}",
              "options": {
                "raw": {
                  "language": "json"
                }
              }
            }
          }
        },
        {
          "name": "Re-detect the domain's DNS provider now (public REST API, write)",
          "request": {
            "method": "POST",
            "header": [],
            "url": {
              "raw": "{{baseUrl}}/v1/domains/:domain/recheck",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "v1",
                "domains",
                ":domain",
                "recheck"
              ],
              "variable": [
                {
                  "key": "domain",
                  "value": "acme.com"
                }
              ]
            },
            "description": "Public REST API (api.trustyourinbox.com/v1). Bearer API key; WRITE scope. Re-runs DNS-provider detection immediately instead of waiting for the daily sweep (after moving DNS / connecting a provider). No body. Reuses refreshDnsProviderForDomain; audited \"via API key X\" only when the provider flips."
          }
        }
      ]
    },
    {
      "name": "Authentication & deliverability",
      "item": [
        {
          "name": "The four mandate compliance tiles for one domain (public REST API)",
          "request": {
            "method": "GET",
            "header": [],
            "url": {
              "raw": "{{baseUrl}}/v1/domains/:domain/compliance",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "v1",
                "domains",
                ":domain",
                "compliance"
              ],
              "variable": [
                {
                  "key": "domain",
                  "value": "acme.com"
                }
              ]
            },
            "description": "Public REST API (api.trustyourinbox.com/v1). Bearer API key; read scope; the domain must belong to the key's workspace."
          }
        },
        {
          "name": "Sender breakdown with spoofer-adjusted alignment (public REST API)",
          "request": {
            "method": "GET",
            "header": [],
            "url": {
              "raw": "{{baseUrl}}/v1/domains/:domain/senders?range=30",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "v1",
                "domains",
                ":domain",
                "senders"
              ],
              "query": [
                {
                  "key": "range",
                  "value": "30",
                  "description": "Window in days (clamped to 90, default 30)"
                }
              ],
              "variable": [
                {
                  "key": "domain",
                  "value": "acme.com"
                }
              ]
            },
            "description": "Public REST API (api.trustyourinbox.com/v1). Bearer API key; read scope; workspace-scoped domain. The alignment headline is spoofer-adjusted (the Q12 invariant) - it matches the dashboard, not raw aligned/total."
          }
        },
        {
          "name": "Published authentication records for a domain (public REST API)",
          "request": {
            "method": "GET",
            "header": [],
            "url": {
              "raw": "{{baseUrl}}/v1/domains/:domain/protocol",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "v1",
                "domains",
                ":domain",
                "protocol"
              ],
              "variable": [
                {
                  "key": "domain",
                  "value": "acme.com"
                }
              ]
            },
            "description": "Public REST API (api.trustyourinbox.com/v1). Bearer API key; read scope; workspace-scoped domain. The DMARC / SPF / DKIM / MTA-STS records and what's wrong with them - mirrors the MCP get_protocol_status payload."
          }
        },
        {
          "name": "Subdomains sending as a domain, bucketed (public REST API)",
          "request": {
            "method": "GET",
            "header": [],
            "url": {
              "raw": "{{baseUrl}}/v1/domains/:domain/subdomains?range=30",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "v1",
                "domains",
                ":domain",
                "subdomains"
              ],
              "query": [
                {
                  "key": "range",
                  "value": "30",
                  "description": "Window in days (clamped to 90, default 30)"
                }
              ],
              "variable": [
                {
                  "key": "domain",
                  "value": "acme.com"
                }
              ]
            },
            "description": "Public REST API (api.trustyourinbox.com/v1). Bearer API key; read scope; workspace-scoped domain. One row per sending subdomain with its spoofer-adjusted alignment and a Known / Review / Not in DNS bucket - mirrors the MCP get_subdomain_breakdown payload. Probes live DNS for the \"Not in DNS\" split."
          }
        },
        {
          "name": "Blocked-spoof volume and top sources over a window (public REST API)",
          "request": {
            "method": "GET",
            "header": [],
            "url": {
              "raw": "{{baseUrl}}/v1/domains/:domain/spoof-activity?range=30",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "v1",
                "domains",
                ":domain",
                "spoof-activity"
              ],
              "query": [
                {
                  "key": "range",
                  "value": "30",
                  "description": "Window in days (clamped to 90, default 30)"
                }
              ],
              "variable": [
                {
                  "key": "domain",
                  "value": "acme.com"
                }
              ]
            },
            "description": "Public REST API (api.trustyourinbox.com/v1). Bearer API key; read scope; workspace-scoped domain. Uses the canonical blocked-spoof filter."
          }
        }
      ]
    },
    {
      "name": "Reports",
      "item": [
        {
          "name": "Recent aggregate (RUA) reports for one domain (public REST API)",
          "request": {
            "method": "GET",
            "header": [],
            "url": {
              "raw": "{{baseUrl}}/v1/domains/:domain/reports?limit=50",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "v1",
                "domains",
                ":domain",
                "reports"
              ],
              "query": [
                {
                  "key": "limit",
                  "value": "50",
                  "description": "Max reports (clamped to 200, default 50)"
                }
              ],
              "variable": [
                {
                  "key": "domain",
                  "value": "acme.com"
                }
              ]
            },
            "description": "Public REST API (api.trustyourinbox.com/v1). Bearer API key; read scope; workspace-scoped domain. Newest first."
          }
        },
        {
          "name": "Drill into one aggregate (RUA) report (public REST API)",
          "request": {
            "method": "GET",
            "header": [],
            "url": {
              "raw": "{{baseUrl}}/v1/reports/:id",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "v1",
                "reports",
                ":id"
              ],
              "variable": [
                {
                  "key": "id",
                  "value": "1f2e3d4c-5b6a-7c8d-9e0f-a1b2c3d4e5f6"
                }
              ]
            },
            "description": "Public REST API (api.trustyourinbox.com/v1). Bearer API key; read scope. The report's provider, window, outcome composition, and diagnosed failing senders - mirrors the MCP get_report payload. A report id from another tenant returns 404 with no existence leak."
          }
        }
      ]
    },
    {
      "name": "Issues",
      "item": [
        {
          "name": "Open issues across the workspace (public REST API)",
          "request": {
            "method": "GET",
            "header": [],
            "url": {
              "raw": "{{baseUrl}}/v1/issues",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "v1",
                "issues"
              ]
            },
            "description": "Public REST API (api.trustyourinbox.com/v1). Bearer API key; read scope. Open (non-dismissed) issues across every domain, worst-first. Rate-limited (120/60s per key)."
          }
        },
        {
          "name": "Open issues for one domain (public REST API)",
          "request": {
            "method": "GET",
            "header": [],
            "url": {
              "raw": "{{baseUrl}}/v1/domains/:domain/issues",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "v1",
                "domains",
                ":domain",
                "issues"
              ],
              "variable": [
                {
                  "key": "domain",
                  "value": "acme.com"
                }
              ]
            },
            "description": "Public REST API (api.trustyourinbox.com/v1). Bearer API key; read scope; workspace-scoped domain. Dismissal-aware (the same source the action inbox and digest read)."
          }
        },
        {
          "name": "Dismiss / snooze an open issue (public REST API, write)",
          "request": {
            "method": "POST",
            "header": [
              {
                "key": "Content-Type",
                "value": "application/json"
              }
            ],
            "url": {
              "raw": "{{baseUrl}}/v1/domains/:domain/issues/:type/dismiss",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "v1",
                "domains",
                ":domain",
                "issues",
                ":type",
                "dismiss"
              ],
              "variable": [
                {
                  "key": "domain",
                  "value": "acme.com"
                },
                {
                  "key": "type",
                  "value": "tls_rpt_missing"
                }
              ]
            },
            "description": "Public REST API (api.trustyourinbox.com/v1). Bearer API key; WRITE scope. Hides the issue: body { \"permanent\": false } snoozes 7 days (default), true dismisses indefinitely. Reverse with .../restore. Reuses dismissAnomalyCore (the same core the dashboard + MCP use); audited \"via API key X\".",
            "body": {
              "mode": "raw",
              "raw": "{\n  \"permanent\": false\n}",
              "options": {
                "raw": {
                  "language": "json"
                }
              }
            }
          }
        },
        {
          "name": "Restore a dismissed / snoozed issue (public REST API, write)",
          "request": {
            "method": "POST",
            "header": [],
            "url": {
              "raw": "{{baseUrl}}/v1/domains/:domain/issues/:type/restore",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "v1",
                "domains",
                ":domain",
                "issues",
                ":type",
                "restore"
              ],
              "variable": [
                {
                  "key": "domain",
                  "value": "acme.com"
                },
                {
                  "key": "type",
                  "value": "tls_rpt_missing"
                }
              ]
            },
            "description": "Public REST API (api.trustyourinbox.com/v1). Bearer API key; WRITE scope. Un-hides the issue so it returns to the open inbox. The inverse of .../dismiss. Reuses restoreAnomalyCore; audited \"via API key X\"."
          }
        }
      ]
    },
    {
      "name": "DNS fixes",
      "item": [
        {
          "name": "Stage a one-click DNS fix for an issue (public REST API, write)",
          "request": {
            "method": "POST",
            "header": [
              {
                "key": "Content-Type",
                "value": "application/json"
              },
              {
                "key": "Idempotency-Key",
                "value": "1f2e3d4c-5b6a-7c8d-9e0f-a1b2c3d4e5f6",
                "disabled": true,
                "description": "Optional: a retry with the same value replays the original response."
              }
            ],
            "url": {
              "raw": "{{baseUrl}}/v1/domains/:domain/dns-fixes",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "v1",
                "domains",
                ":domain",
                "dns-fixes"
              ],
              "variable": [
                {
                  "key": "domain",
                  "value": "acme.com"
                }
              ]
            },
            "description": "Public REST API (api.trustyourinbox.com/v1). Bearer API key; WRITE scope. Body { \"type\": \"<issue_type>\" } for a one-click-fixable issue. The fix is STAGED (not applied immediately) through the same 5-minute-delay / email-with-one-click-cancel / 24-hour-undo safety pipeline the dashboard + MCP use - no second DNS-write path. Reuses stageFixForAnomalyById; audited \"via API key X\". Honors Idempotency-Key (no double-stage).",
            "body": {
              "mode": "raw",
              "raw": "{\n  \"type\": \"dmarc_np_missing\"\n}",
              "options": {
                "raw": {
                  "language": "json"
                }
              }
            }
          }
        },
        {
          "name": "Staged / in-undo-window DNS changes for the workspace (public REST API)",
          "request": {
            "method": "GET",
            "header": [],
            "url": {
              "raw": "{{baseUrl}}/v1/changes",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "v1",
                "changes"
              ]
            },
            "description": "Public REST API (api.trustyourinbox.com/v1). Bearer API key; read scope. The read half of the staged-fix loop - DNS fixes currently staged (in the 5-minute pre-apply window) or recently applied but still inside the 24-hour undo window. Cancel one via DELETE /v1/changes/{id}."
          }
        },
        {
          "name": "Cancel a staged DNS change (public REST API, write)",
          "request": {
            "method": "DELETE",
            "header": [],
            "url": {
              "raw": "{{baseUrl}}/v1/changes/:id",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "v1",
                "changes",
                ":id"
              ],
              "variable": [
                {
                  "key": "id",
                  "value": "1f2e3d4c-5b6a-7c8d-9e0f-a1b2c3d4e5f6"
                }
              ]
            },
            "description": "Public REST API (api.trustyourinbox.com/v1). Bearer API key; WRITE scope. Cancels a fix that is still staged (inside the 5-minute pre-apply window); an applied change has the 24-hour undo in the app. Reuses cancelStagedChange, workspace-scoped so a foreign change id can't be canceled. Audited \"via API key X\"."
          }
        }
      ]
    },
    {
      "name": "Senders",
      "item": [
        {
          "name": "List your custom senders (public REST API)",
          "request": {
            "method": "GET",
            "header": [],
            "url": {
              "raw": "{{baseUrl}}/v1/senders",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "v1",
                "senders"
              ]
            },
            "description": "Public REST API (api.trustyourinbox.com/v1). Bearer API key; read scope. Every custom (source \"user\") sender in the workspace - including ones with no observed traffic yet - with ranges, optional icon URL, and trailing-30-day attributed volume. The same loader the dashboard's management card reads."
          }
        },
        {
          "name": "Identify a sending IP / CIDR as a named vendor (public REST API, write)",
          "request": {
            "method": "POST",
            "header": [
              {
                "key": "Content-Type",
                "value": "application/json"
              },
              {
                "key": "Idempotency-Key",
                "value": "1f2e3d4c-5b6a-7c8d-9e0f-a1b2c3d4e5f6",
                "disabled": true,
                "description": "Optional: a retry with the same value replays the original response."
              }
            ],
            "url": {
              "raw": "{{baseUrl}}/v1/senders",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "v1",
                "senders"
              ]
            },
            "description": "Public REST API (api.trustyourinbox.com/v1). Bearer API key; WRITE scope. Body { \"ipOrCidr\", \"name\", \"category\" } - labels a source so it counts as a known sender instead of an unknown source. Reuses identifySenderCore; audited \"via API key X\". Honors Idempotency-Key.",
            "body": {
              "mode": "raw",
              "raw": "{\n  \"ipOrCidr\": \"198.2.132.0/24\",\n  \"name\": \"Mailchimp\",\n  \"category\": \"email_provider\"\n}",
              "options": {
                "raw": {
                  "language": "json"
                }
              }
            }
          }
        },
        {
          "name": "Update a custom sender (public REST API, write)",
          "request": {
            "method": "PATCH",
            "header": [
              {
                "key": "Content-Type",
                "value": "application/json"
              },
              {
                "key": "Idempotency-Key",
                "value": "1f2e3d4c-5b6a-7c8d-9e0f-a1b2c3d4e5f6",
                "disabled": true,
                "description": "Optional: a retry with the same value replays the original response."
              }
            ],
            "url": {
              "raw": "{{baseUrl}}/v1/senders/:id",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "v1",
                "senders",
                ":id"
              ],
              "variable": [
                {
                  "key": "id",
                  "value": "1f2e3d4c-5b6a-7c8d-9e0f-a1b2c3d4e5f6"
                }
              ]
            },
            "description": "Public REST API (api.trustyourinbox.com/v1). Bearer API key; WRITE scope. Partial update of a custom sender you created - rename, recategorize, add an IP range (how you register a second IP of the same server), or remove one. Removing a range re-attributes its traffic (past reports included) back to the catalog vendor underneath, or back to unknown. Reuses modifySenderCore (the SAME composition the dashboard + MCP update_sender use); audited \"via API key X\". Honors Idempotency-Key.",
            "body": {
              "mode": "raw",
              "raw": "{\n  \"name\": \"acme.com\",\n  \"category\": \"email_provider\",\n  \"addRange\": \"example\",\n  \"removeRange\": \"example\"\n}",
              "options": {
                "raw": {
                  "language": "json"
                }
              }
            }
          }
        },
        {
          "name": "Delete a custom sender (public REST API, write)",
          "request": {
            "method": "DELETE",
            "header": [
              {
                "key": "Idempotency-Key",
                "value": "1f2e3d4c-5b6a-7c8d-9e0f-a1b2c3d4e5f6",
                "disabled": true,
                "description": "Optional: a retry with the same value replays the original response."
              }
            ],
            "url": {
              "raw": "{{baseUrl}}/v1/senders/:id",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "v1",
                "senders",
                ":id"
              ],
              "variable": [
                {
                  "key": "id",
                  "value": "1f2e3d4c-5b6a-7c8d-9e0f-a1b2c3d4e5f6"
                }
              ]
            },
            "description": "Public REST API (api.trustyourinbox.com/v1). Bearer API key; WRITE scope. Deletes a custom sender you created; its traffic - past reports included - re-attributes to the catalog vendor underneath, or back to unknown, and the workspace known-IP set reconverges. Reuses deleteSenderCore; audited \"via API key X\". Honors Idempotency-Key."
          }
        }
      ]
    },
    {
      "name": "Workspace",
      "item": [
        {
          "name": "Workspace-wide health summary (public REST API)",
          "request": {
            "method": "GET",
            "header": [],
            "url": {
              "raw": "{{baseUrl}}/v1/workspace/health",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "v1",
                "workspace",
                "health"
              ]
            },
            "description": "Public REST API (api.trustyourinbox.com/v1). Bearer API key; read scope. Spoofer-adjusted alignment, trend, and totals - the same loader the dashboard hero uses. Rate-limited (120/60s per key)."
          }
        }
      ]
    },
    {
      "name": "Webhooks",
      "item": [
        {
          "name": "List your outbound webhook endpoints (public REST API)",
          "request": {
            "method": "GET",
            "header": [],
            "url": {
              "raw": "{{baseUrl}}/v1/webhooks",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "v1",
                "webhooks"
              ]
            },
            "description": "Public REST API (api.trustyourinbox.com/v1). Bearer API key; read scope. Every outbound webhook endpoint in the workspace, with its URL, event filter, status, and failure streak. Never returns the signing secret, only its masked prefix. Requires the outboundWebhooks plan capability (Pro and up)."
          }
        },
        {
          "name": "Register an outbound webhook endpoint (public REST API, write)",
          "request": {
            "method": "POST",
            "header": [
              {
                "key": "Content-Type",
                "value": "application/json"
              },
              {
                "key": "Idempotency-Key",
                "value": "1f2e3d4c-5b6a-7c8d-9e0f-a1b2c3d4e5f6",
                "disabled": true,
                "description": "Optional: a retry with the same value replays the original response."
              }
            ],
            "url": {
              "raw": "{{baseUrl}}/v1/webhooks",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "v1",
                "webhooks"
              ]
            },
            "description": "Public REST API (api.trustyourinbox.com/v1). Bearer API key; WRITE scope. Registers an https endpoint we POST a signed payload to on each critical event. Body { \"url\", \"description\"?, \"eventTypes\"? } - eventTypes omitted means all types. Returns the signing secret ONCE. Reuses createWebhookEndpointCore; audited \"via API key X\". Honors Idempotency-Key. Requires the outboundWebhooks capability (Pro and up).",
            "body": {
              "mode": "raw",
              "raw": "{\n  \"url\": \"example\",\n  \"description\": \"example\",\n  \"eventTypes\": [\n    \"anomaly.crit\"\n  ]\n}",
              "options": {
                "raw": {
                  "language": "json"
                }
              }
            }
          }
        },
        {
          "name": "Delete an outbound webhook endpoint (public REST API, write)",
          "request": {
            "method": "DELETE",
            "header": [
              {
                "key": "Idempotency-Key",
                "value": "1f2e3d4c-5b6a-7c8d-9e0f-a1b2c3d4e5f6",
                "disabled": true,
                "description": "Optional: a retry with the same value replays the original response."
              }
            ],
            "url": {
              "raw": "{{baseUrl}}/v1/webhooks/:id",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "v1",
                "webhooks",
                ":id"
              ],
              "variable": [
                {
                  "key": "id",
                  "value": "1f2e3d4c-5b6a-7c8d-9e0f-a1b2c3d4e5f6"
                }
              ]
            },
            "description": "Public REST API (api.trustyourinbox.com/v1). Bearer API key; WRITE scope. Removes an endpoint; we stop delivering to it immediately and its delivery log is cascaded. Reuses deleteWebhookEndpointCore; audited \"via API key X\". Honors Idempotency-Key."
          }
        },
        {
          "name": "Recent delivery attempts for an endpoint (public REST API)",
          "request": {
            "method": "GET",
            "header": [],
            "url": {
              "raw": "{{baseUrl}}/v1/webhooks/:id/deliveries",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "v1",
                "webhooks",
                ":id",
                "deliveries"
              ],
              "variable": [
                {
                  "key": "id",
                  "value": "1f2e3d4c-5b6a-7c8d-9e0f-a1b2c3d4e5f6"
                }
              ]
            },
            "description": "Public REST API (api.trustyourinbox.com/v1). Bearer API key; read scope. The most recent delivery attempts for one endpoint (newest first) - the event type, status, HTTP response code, failure reason, and attempt number - for debugging your receiver."
          }
        }
      ]
    }
  ]
}
