Authorization header on every call. This keeps integration simple and predictable across any language or HTTP client.
Obtaining Your Token
Your Bearer token lives in the UGMail dashboard:1
Log in to your account
Go to my.ugmail.co and sign in.
2
Open Settings
Click Settings in the left-hand navigation.
3
Navigate to API Connection
Select API Connection from the Settings menu. Your token is displayed here. Copy it to a secure location.
Using Your Token
Pass your token in theAuthorization header with the Bearer scheme on every API request:
Example Request
YOUR_TOKEN with the token you copied from Settings → API Connection. This pattern is the same regardless of which endpoint you call — authentication never changes.
Authentication Errors
If your request is not authenticated correctly, the API returns one of the following errors:
A
401 response means the API could not identify you at all. A 403 response means it identified you successfully but determined you are not permitted to perform that operation.
Keeping Your Token Secure
Best practices for token security:- Store your token in environment variables (e.g.,
UGMAIL_API_TOKEN) rather than hardcoding it - Use a secrets manager (such as AWS Secrets Manager, HashiCorp Vault, or Doppler) in production environments
- Restrict access to the token to only the services and team members that need it
- Rotate your token if you suspect it has been compromised
Rotating Your Token
If your token is exposed or you want to issue a fresh one, you can regenerate it at any time:1
Go to Settings → API Connection
Navigate to my.ugmail.co → Settings → API Connection.
2
Click Regenerate Token
Select Regenerate Token. A new token is issued immediately.
3
Update your integrations
Replace the old token in all of your applications, scripts, and environment variables with the new one. The old token is invalidated instantly.

