AI Agents
Set up MailSetu safely for AI agents, integration bots, and autonomous installers.
Machine-readable discovery
MailSetu publishes an agent manifest and an OpenAPI document so tools can discover supported products, endpoints, and install flows automatically.
curl https://api.mailssetu.in/.well-known/agent.json
curl https://api.mailssetu.in/.well-known/openapi.jsonCreate a short-lived install token
From the dashboard or your own authenticated session, create a short-lived install session. It grants exactly the scopes and product access you choose, then self-destructs on first exchange.
curl -X POST https://api.mailssetu.in/v1/agent/install-sessions \
-H "Cookie: ms_access=..." \
-H "Content-Type: application/json" \
-d '{
"label": "Codex setup",
"product": "combined",
"sandbox": true,
"scopes": ["send", "read"],
"ttlMinutes": 15
}'Exchange the token once
The agent exchanges the install token for a scoped MailSetu API key. The token is consumed immediately, which protects the owner if the setup transcript is later exposed.
curl -X POST https://api.mailssetu.in/v1/agent/exchange \
-H "Content-Type: application/json" \
-d '{
"token": "ms_agent_...",
"name": "Shopify onboarding bot"
}'Recommended agent behavior
For safe autonomous setup: • Prefer sandbox sessions first, then request a live install token only when DNS / sender setup is complete • Restrict allowed domains for mail-only installs • Store the returned API key in the customer environment, never in your own prompt history • Revoke or expire install sessions aggressively after bootstrap