API Reference
REST API untuk integrasi TempMail secara programatik.
Semua response JSON. Autentikasi via session cookie.
Base: https://tmail.biz.id/api.php
⚠ Semua POST butuh CSRF token. Ambil via GET ?action=token → kirim sebagai header X-CSRF-Token atau field csrf_token.
GET
?action=token
Ambil CSRF Token
Response
{"token":"a1b2c3..."}
GET
?action=domains
Daftar domain aktif
Response
{"success":true,"domains":["tmail.biz.id"]}
POST
?action=set_address
Buat / set alamat email
Parameters
| Field | Type | Keterangan |
|---|
| typewajib |
string | random atau custom |
| domain |
string | domain tujuan |
| customwajib |
string | nama lokal (min 3 karakter) |
| csrf_tokenwajib |
string | CSRF token |
Response
{"success":true,"address":"abc123@tmail.biz.id"}
Response (terkunci)
{"success":false,"locked":true,"address":"nama@tmail.biz.id","message":"Email terkunci"}
GET
?action=inbox
Fetch daftar email inbox
Response
{
"success": true,
"address": "abc123@tmail.biz.id",
"count": 2,
"locked": false,
"emails": [
{
"uid": 42,
"from": "sender@example.com",
"subject": "Kode OTP kamu",
"date": "Sat, 05 Apr 2025 10:00:00 +0700",
"time": "2j lalu",
"seen": false,
"cached": true
}
]
}
GET
?action=read
Baca isi email
Parameters
| Field | Type | Keterangan |
|---|
| uidwajib |
integer | UID email dari inbox |
Response
{
"success": true,
"from": "sender@example.com",
"to": "abc123@tmail.biz.id",
"subject": "Kode OTP kamu",
"date": "Sat, 05 Apr 2025 10:00:00 +0700",
"body": "<html>...isi email...</html>",
"cached": true
}
GET
?action=delete
Hapus email
Parameters
| Field | Type | Keterangan |
|---|
| uidwajib |
integer | UID email |
Response
{"success":true}
POST
?action=lock
Kunci alamat email aktif
Parameters
| Field | Type | Keterangan |
|---|
| passwordwajib |
string | Min 4 karakter |
| csrf_tokenwajib |
string | CSRF token |
Response
{"success":true,"message":"Email berhasil dikunci"}
POST
?action=unlock
Buka kunci alamat email aktif
Parameters
| Field | Type | Keterangan |
|---|
| passwordwajib |
string | Password saat kunci |
| csrf_tokenwajib |
string | CSRF token |
Response
{"success":true,"message":"Kunci dibuka"}
POST
?action=check_lock
Verifikasi & set alamat terkunci sebagai aktif
Parameters
| Field | Type | Keterangan |
|---|
| addresswajib |
string | Alamat email lengkap |
| passwordwajib |
string | Password kunci |
| csrf_tokenwajib |
string | CSRF token |
Response
{"success":true,"address":"nama@tmail.biz.id"}
Akses Langsung via URL
https://tmail.biz.id/namauser@tmail.biz.id
Contoh: https://tmail.biz.id/budi@tmail.biz.id
→ Langsung buka inbox budi@tmail.biz.id→ Jika terkunci: popup password muncul otomatis
Rate Limits
set_address : 20 req/menit
inbox : 120 req/menit
read : 60 req/menit
delete : 30 req/menit
lock/unlock : 10 req/menit
Contoh — JavaScript
1. Ambil CSRF Token
const { token } = await fetch('https://tmail.biz.id/api.php?action=token').then(r=>r.json());
2. Buat Email Baru
const fd = new FormData();
fd.append('type', 'random');
fd.append('csrf_token', token);
const { address } = await fetch('https://tmail.biz.id/api.php?action=set_address', {
method: 'POST', body: fd
}).then(r=>r.json());
// address = "abc123@tmail.biz.id"
3. Fetch Inbox
const { emails } = await fetch('https://tmail.biz.id/api.php?action=inbox').then(r=>r.json());
// emails[0].uid, .from, .subject, .time, .seen
4. Baca Email
const { body } = await fetch(`https://tmail.biz.id/api.php?action=read&uid=${emails[0].uid}`).then(r=>r.json());
5. Hapus Email
await fetch(`https://tmail.biz.id/api.php?action=delete&uid=${emails[0].uid}`);