API
LiteMX API
The API backs the CLI and MCP paths. Use it directly when automation needs mailbox, domain, message, draft, token, audit, or retention operations.
OpenAPI
The machine-readable OpenAPI document is served by the API Worker at https://litemx-api-worker.litemx.workers.dev/openapi.json.
https://litemx-api-worker.litemx.workers.dev/openapi.jsonAuthentication
API requests use bearer tokens. Use the founder admin token for operator setup, then create scoped LiteMX tokens for agents, scripts, and mailbox-specific automation.
curl -H "Authorization: Bearer <token>" \
https://litemx-api-worker.litemx.workers.dev/api/messages?mailbox=support@example.comScoped tokens can limit mailbox access and separate read, search, draft, send, and audit actions. Read scope does not imply send scope.
Endpoint Groups
| Group | Endpoints |
|---|---|
| System | GET /openapi.jsonGET /api/healthGET /api/bootstrap |
| Domains | GET /api/domainsPOST /api/domainsGET /api/domains/{domain}/statusGET /api/domains/{domain}/dns-planPUT /api/domains/{domain}/readiness |
| Mailboxes and routing | GET /api/mailboxesPOST /api/mailboxesGET /api/mailboxes/{mailbox}DELETE /api/mailboxes/{mailbox}GET /api/mailboxes/{mailbox}/retentionPUT /api/mailboxes/{mailbox}/retentionGET /api/aliasesPOST /api/aliasesDELETE /api/aliases/{alias}GET /api/catchalls/{domain}PUT /api/catchalls/{domain} |
| Messages and threads | GET /api/messagesGET /api/messages/searchGET /api/messages/{id}POST /api/messages/{id}/replyGET /api/threadsGET /api/threads/{id}POST /api/threads/{id}/replyPOST /api/threads/{id}/drafts |
| Drafts and sending | GET /api/draftsPOST /api/draftsGET /api/drafts/{id}POST /api/drafts/{id}/sendPOST /api/send |
| Tokens, audit, retention, MCP | GET /api/tokensPOST /api/tokensDELETE /api/tokens/{id}GET /api/auditPOST /api/retention/runGET /mcpPOST /mcp |
| Inbound | POST /api/inbound/simulatePOST /api/inbound/ses |
Errors And Send Preflight
Error responses include structured fields used by the CLI for operator output. Treat domain readiness errors, outbound-disabled errors, send-limit errors, and provider production-access failures as hard stops.
Send endpoints share the same outbound preflight as the CLI and MCP: verified provider readiness, explicit send scope for scoped tokens, per-message recipient caps, plan limits, policy checks, and provider approval.