Skip to main content
Every request to the UGMail Management API must be authenticated using a Bearer token. There are no API keys, no OAuth flows, and no session cookies — just a single token you pass in the Authorization header on every call. This keeps integration simple and predictable across any language or HTTP client.

Obtaining Your Token

Your Bearer token lives in the UGMail dashboard:
1

Log in to your account

Go to my.ugmail.co and sign in.
2

Open Settings

Click Settings in the left-hand navigation.
3

Navigate to API Connection

Select API Connection from the Settings menu. Your token is displayed here. Copy it to a secure location.

Using Your Token

Pass your token in the Authorization header with the Bearer scheme on every API request:

Example Request

Replace YOUR_TOKEN with the token you copied from Settings → API Connection. This pattern is the same regardless of which endpoint you call — authentication never changes.

Authentication Errors

If your request is not authenticated correctly, the API returns one of the following errors: A 401 response means the API could not identify you at all. A 403 response means it identified you successfully but determined you are not permitted to perform that operation.

Keeping Your Token Secure

Never expose your Bearer token in client-side code, public repositories, or frontend applications. Anyone who obtains your token has full access to your UGMail account’s resources. Store it in an environment variable or a secrets manager, and never commit it to version control.
Best practices for token security:
  • Store your token in environment variables (e.g., UGMAIL_API_TOKEN) rather than hardcoding it
  • Use a secrets manager (such as AWS Secrets Manager, HashiCorp Vault, or Doppler) in production environments
  • Restrict access to the token to only the services and team members that need it
  • Rotate your token if you suspect it has been compromised

Rotating Your Token

If your token is exposed or you want to issue a fresh one, you can regenerate it at any time:
1

Go to Settings → API Connection

Navigate to my.ugmail.coSettingsAPI Connection.
2

Click Regenerate Token

Select Regenerate Token. A new token is issued immediately.
3

Update your integrations

Replace the old token in all of your applications, scripts, and environment variables with the new one. The old token is invalidated instantly.
Rotate your token on a regular schedule as a security best practice — especially before and after team member changes.
Last modified on July 17, 2026