Base URL
All endpoints are served from a single base URL:/api/v1. For example, listing subscribers is GET https://api.railmail.app/api/v1/subscribers.
Authentication in one line
Every request must carry a project-scoped API key in theX-API-Key header:
Authorization: Bearer alternative.
Project isolation
A key resolves to exactly one project. All reads and writes are automatically isolated to that project and its tenant — a key can never read or modify another project’s data. You do not pass a project or tenant identifier; the key determines it.Conventions
JSON everywhere
Request and response bodies are
application/json. Errors use application/problem+json (RFC 7807).Standard verbs
GET reads, POST creates, PATCH updates, DELETE removes. Verbs behave as you’d expect.Scoped keys
Each operation requires a specific scope, listed in its description. A missing scope returns
403.Rate limited
60 requests per minute per key. See Rate limits.
Canonical flow: add your users to your topics
A common first integration — subscribe your users to a topic:Discover topic keys
Call
GET /api/v1/topics to list the topics in your project and read their topicKey values.Create and subscribe in one call
Call
POST /api/v1/subscribers with topicKeys + consent to create a subscriber and subscribe them at once — or POST /api/v1/subscribers/{email}/consents to subscribe an existing subscriber.