All requests to the MigoSMTP and Telnxo APIs are authenticated using a Bearer token — your API key passed in the HTTP Authorization header. This article explains the exact format required, shows code examples in multiple languages, and covers how to handle authentication errors.
The Authorization Header
Every API request must include the following HTTP header:
Authorization: Bearer YOUR_API_KEY_HERE
| Component | Value | Notes |
|---|---|---|
| Header name | Authorization | Case-insensitive but conventionally capitalised |
| Scheme | Bearer | Must be exactly Bearer with a capital B, followed by a single space |
| Token | YOUR_API_KEY | Your full API key string — do not truncate or modify it |
Code Examples
cURL
curl -X POST https://api.migosmtp.com/v1/email/send
-H "Authorization: Bearer YOUR_API_KEY"
-H "Content-Type: application/json"
-d '{
"from": "hello@yourdomain.com",
"to": "recipient@example.com",
"subject": "Hello from MigoSMTP",
"html": "<p>Your message here</p>"
}'
PHP (using cURL)
$apiKey = getenv('MIGOSMTP_API_KEY');
$ch = curl_init('https://api.migosmtp.com/v1/email/send');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, [
'Authorization: Bearer ' . $apiKey,
'Content-Type: application/json',
]);
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode([
'from' => 'hello@yourdomain.com',
'to' => 'recipient@example.com',
'subject' => 'Hello from MigoSMTP',
'html' => '<p>Your message here</p>',
]));
$response = curl_exec($ch);
$data = json_decode($response, true);
curl_close($ch);
Python (using requests)
import os
import requests
api_key = os.environ.get('MIGOSMTP_API_KEY')
response = requests.post(
'https://api.migosmtp.com/v1/email/send',
headers={
'Authorization': f'Bearer {api_key}',
'Content-Type': 'application/json',
},
json={
'from': 'hello@yourdomain.com',
'to': 'recipient@example.com',
'subject': 'Hello from MigoSMTP',
'html': '<p>Your message here</p>',
}
)
data = response.json()
Node.js (using fetch)
const apiKey = process.env.MIGOSMTP_API_KEY;
const response = await fetch('https://api.migosmtp.com/v1/email/send', {
method: 'POST',
headers: {
'Authorization': `Bearer ${apiKey}`,
'Content-Type': 'application/json',
},
body: JSON.stringify({
from: 'hello@yourdomain.com',
to: 'recipient@example.com',
subject: 'Hello from MigoSMTP',
html: '<p>Your message here</p>',
}),
});
const data = await response.json();
Telnxo SMS (cURL)
curl -X POST https://api.telnxo.com/v1/sms/send
-H "Authorization: Bearer YOUR_TELNXO_API_KEY"
-H "Content-Type: application/json"
-d '{
"from": "YOURBRAND",
"to": "+919876543210",
"message": "Your OTP is 482910. Valid for 10 minutes."
}'
Authentication Error Responses
| HTTP Status | Error Code | Cause | Fix |
|---|---|---|---|
| 401 | authentication_failed | Authorization header is missing entirely | Add the Authorization: Bearer KEY header to your request |
| 401 | invalid_api_key | API key is malformed, incorrect, or has been revoked | Verify the key is correct; generate a new one if revoked |
| 403 | insufficient_scope | API key does not have the required scope for this operation | Generate a new key with the correct scope |
| 402 | account_suspended | Subscription is suspended due to non-payment | Pay the outstanding invoice in the Rackwave portal |
| 403 | ip_not_whitelisted | Request originated from an IP not on the key's whitelist | Add the server's IP to the key's allowed IP list |
Common Authentication Mistakes
- Using the wrong platform key — using a MigoSMTP key on the Telnxo API endpoint returns a 401 error. Check you are using the key generated for the correct platform.
- Extra whitespace in the key — copying a key with a trailing space or newline character causes authentication to fail. Trim your key value before storing it.
- Using the key as a query parameter — some legacy APIs accept keys via URL query string. Rackwave APIs do not. Always use the Authorization header.
- Omitting the
Bearerprefix — sending just the key without theBearerprefix returns a 401 error.