PristineSend uses API keys to authenticate requests. Every API call must include a valid key in the Authorization header.
Your API key uniquely identifies your workspace. It acts as both an identifier and a secret credential. Each key carries a prefix that tells you which environment it targets:
| Prefix | Environment | Behaviour |
|---|---|---|
ps_live_ | Production | Sends real email and counts against your sending limits. |
ps_test_ | Sandbox / test | Runs the full pipeline but captures sends instead of delivering — free, no reputation impact. See Test mode. |
Both prefixes are used the same way — pass the full key as a Bearer token. Examples in these docs use ps_live_; substitute a ps_test_ key to run against the sandbox.
To find your key, go to Dashboard → Settings → API Keys. The key is shown once at creation and can be regenerated at any time.
Pass your API key as a Bearer token in the Authorization header of every request:
A complete example with curl:
from, the send uses your workspace's default sender (configured under Settings → Senders). Supplying a from on one of your verified domains — or a sender_id — gives you explicit control.PRISTINESEND_API_KEY).Go to Settings → API Keys and click Regenerate. The old key is immediately invalidated. Update your environment variables before rotating to avoid downtime.
All authentication failures return a 401 status:
See the full Error codes reference for a complete list of error responses.