Documentation

Everything you need
to get started.

Guides, code examples, SDK references, and answers to common questions — all in one place.

Introduction
Quick Start How It Works SDKs & Libraries
Guides
Basic Usage Handling OTPs Webhooks Custom Domains
Reference
API Reference FAQ Changelog
Quick Start
Get a working disposable inbox in under 2 minutes.
  1. Open the inbox

    Navigate to tempmail.io — an address is generated automatically on page load. No account required.

  2. Copy your address

    Click Copy Address and paste it into any sign-up form or website that requires an email.

  3. Receive your mail

    Emails appear in real time via WebSocket. OTP codes and verification links are parsed and highlighted automatically.

  4. Done — address self-destructs

    After 60 minutes (or your configured TTL), the address and all messages are permanently deleted.

No registration, no personal data required. Everything is anonymous by design.
How It Works
The technical flow from address generation to message delivery.

When you load TempMail, the frontend calls GET /api/generate_email.php which provisions a random mailbox on our SMTP relay server. Your browser receives the address and simultaneously opens a WebSocket connection to our message delivery service.

When an email is sent to your temporary address, it traverses standard internet SMTP routing, arrives at our relay server, is encrypted with AES-256-GCM, and pushed to your open WebSocket connection — typically within 1–3 seconds of the sender pressing send.

Message Parsing

Each incoming message is scanned by our parser for two patterns:

  • OTP codes — 4 to 8 digit sequences in common formats (e.g. "Your code is 482910")
  • Verification links — URLs matching patterns like /verify, /confirm, /activate

Detected values are surfaced in the UI as actionable components so you can copy or click without reading the raw email body.

TempMail is not suitable for receiving sensitive personal correspondence. Use it only for disposable registrations and verification flows.
Guide: Basic Usage
Generate an address and poll for messages using the REST API.

1. Generate an address

JavaScript
const res = await fetch(
  'https://api.tempmail.io/v1/generate_email.php?key=YOUR_KEY'
);
const { email } = await res.json();
console.log('Your address:', email);

2. Poll the inbox

JavaScript
async function pollInbox(email) {
  const res = await fetch(
    `https://api.tempmail.io/v1/inbox.php?key=YOUR_KEY&email=${email}`
  );
  const messages = await res.json();
  return messages;
}

// Poll every 5 seconds
setInterval(() => pollInbox(email), 5000);

3. Read a message

JavaScript
const msg = await fetch(
  `https://api.tempmail.io/v1/read.php?key=YOUR_KEY&email=${email}&id=${msgId}`
).then(r => r.json());

if (msg.otp) {
  console.log('OTP Code:', msg.otp);
} else if (msg.confirmation_link) {
  console.log('Verify URL:', msg.confirmation_link);
}
Guide: Handling OTPs
Automatically extract one-time passwords from incoming messages.

The read.php endpoint returns a pre-parsed otp field when a code is detected. You can also run your own regex against the message body if you need a different matching strategy.

Python
import requests, re

msg = requests.get(
    'https://api.tempmail.io/v1/read.php',
    params={'key': 'YOUR_KEY', 'email': email, 'id': msg_id}
).json()

# Use the pre-parsed field
if msg['otp']:
    print(f"OTP: {msg['otp']}")

# Or run your own regex
match = re.search(r'\b(\d{4,8})\b', msg['body'])
if match:
    print(f"Found code: {match.group(1)}")
The otp field is null if no code is detected. Always check confirmation_link as a fallback — some services send links instead of codes.
Guide: Webhooks
Receive email events pushed to your server instead of polling.

Premium accounts can register a webhook URL. When a message arrives at a disposable address, TempMail will POST the parsed message payload to your endpoint within 500ms.

Registering a webhook

cURL
curl -X POST "https://api.tempmail.io/v1/webhook.php" \
  -d "key=YOUR_KEY" \
  -d "email=k9x2m7@tempmail.io" \
  -d "url=https://yourserver.com/hook"

Webhook payload

JSON
{
  "event":             "message.received",
  "id":               "msg_a1b2c3",
  "email":            "k9x2m7@tempmail.io",
  "sender":           "noreply@example.com",
  "subject":          "Your verification code",
  "otp":             "482910",
  "confirmation_link": null,
  "received_at":      "2026-03-07T13:05:22Z"
}
Guide: Custom Domains
Use your own domain for branded disposable addresses (Premium).

With a Premium account you can configure your own domain (e.g. @yourcompany.com) so disposable addresses look like temp-x7f2k@yourcompany.com.

DNS Setup

Add the following MX record to your domain's DNS settings:

DNS Record
Type: MX
Host: @
Value: mx.tempmail.io
Priority: 10
TTL: 3600

Once propagated (typically 5–30 minutes), register your domain via the API:

cURL
curl -X POST "https://api.tempmail.io/v1/domains.php" \
  -d "key=YOUR_KEY" \
  -d "domain=yourcompany.com"
Adding an MX record will redirect all incoming mail on that domain through TempMail. Use a subdomain (e.g. temp.yourcompany.com) to avoid disrupting existing email.
Frequently Asked Questions
Answers to the most common questions.
Yes. Attachments up to 10MB are accepted and displayed inline for image types (PNG, JPG, GIF). Other file types show as download links. Attachments are deleted along with the email when the address expires.
Most likely your address has expired. Free addresses have a 60-minute TTL. You can check the expiry time displayed on the inbox page. If the address is still active, some senders add delays of up to 5 minutes before retrying delivery.
Some services maintain lists of known disposable email domains and reject them at registration. Premium custom domains are significantly less likely to be blocked because they don't match any public blocklist.
No. TempMail is receive-only by design. Outbound SMTP is not supported and will never be added. This is a deliberate decision to prevent abuse and to keep the service focused on its core use case.
Free addresses cannot be extended. Premium accounts can set a TTL of up to 30 days at generation time via the ttl parameter in the API, or by selecting the duration in the dashboard before generating.
Changelog
Recent updates to the TempMail API and platform.

v2.1.0 — March 2026

  • Added webhook support for real-time message delivery to your server
  • Improved OTP detection regex to cover alphanumeric codes
  • New DELETE /delete.php endpoint for early address destruction
  • TLS 1.3 now enforced on all connections — TLS 1.2 deprecated

v2.0.0 — January 2026

  • Full API v2 with consistent JSON responses and new error codes
  • Custom domain support launched for Premium accounts
  • WebSocket delivery channel replaces long-polling
  • Python and PHP SDKs released

v1.8.0 — October 2025

  • Browser extension released for Chrome and Firefox
  • Mobile apps (iOS + Android) launched
  • Attachment support added (up to 10MB)