A Fuco Mail Temporary email platform
API Online Login Sign Up
Documentation

Everything you need to know about Fuco Mail.

Create temporary inboxes, receive emails in real time and integrate mailbox workflows into your product, backend or test suite.

Getting Started

3 simple steps to start using the API.

  1. Get an active API key from your dashboard, or ask your workspace admin if you are self-hosting.
  2. Call the generate endpoint to create a temporary address.
  3. Use the returned mailbox in your app with Bearer authentication.

API Keys

Manage your API keys for secure access.

  • API keys are sent as Authorization: Bearer YOUR_API_KEY.
  • Generated keys start with fuco_.
  • Copy the key when it is created and store it securely.
  • Never share it publicly or commit it to git.

If you are self-hosting, keys are created from the control panel.

Python Wrapper

Download a starter Python client for quick integration.

Download Python Client 
from fuco_mail import FucoMailAPI

api = FucoMailAPI(api_key="fuco_your_key_here", base_url="https://mail.fuco.cc")
mail = api.generate_email(prefix="test")
inbox = api.get_inbox(mail["email"])

JavaScript Wrapper

Download a starter JavaScript or Node.js client for quick integration.

Download JavaScript Client 
import { FucoMail } from "./fuco_mail.js";

const api = new FucoMail("fuco_your_key_here", "https://mail.fuco.cc");
const mail = await api.generateEmail("test");
const inbox = await api.getInbox(mail.email);

API Reference

Simple REST API with Bearer token authentication.

GET /api/status

Public status endpoint. No authentication required.

{
  "status": "online",
  "service": "Fuco Mail",
  "timestamp": "2026-05-05T20:00:00.000Z"
}
GET /api/public/inbox/:email

Public inbox endpoint used by the browser inbox viewer. No authentication required.

{
  "mailbox": {
    "email": "myname@fuco.cc",
    "created_at": "2026-05-05T20:00:00.000Z",
    "expires_at": "2026-05-12T20:00:00.000Z",
    "source": "web"
  },
  "emails": [
    {
      "id": 1,
      "from_name": "Sender",
      "from_email": "sender@example.com",
      "subject": "Welcome",
      "html": "<p>Hello</p>",
      "text": "Hello",
      "received_at": "2026-05-05T20:10:00.000Z"
    }
  ]
}
POST /api/email/generate

Create a new temporary email address.

{
  "Authorization": "Bearer YOUR_API_KEY",
  "Content-Type": "application/json"
}
{
  "prefix": "myname"
}
{
  "email": "myname@fuco.cc",
  "created_at": "2026-05-05T20:00:00.000Z",
  "expires_at": "2026-05-12T20:00:00.000Z"
}
GET /api/email/inbox/:email

Get all emails for a temporary address that belongs to your API key.

{
  "Authorization": "Bearer YOUR_API_KEY"
}
{
  "emails": [
    {
      "id": 1,
      "from_name": "Sender",
      "from_email": "sender@example.com",
      "subject": "Welcome",
      "html": "<p>Hello</p>",
      "text": "Hello",
      "received_at": "2026-05-05T20:10:00.000Z"
    }
  ]
}
DELETE /api/email/remove/:email

Delete a temporary email address that belongs to your API key.

{
  "Authorization": "Bearer YOUR_API_KEY"
}
{
  "success": true
}

Features

What you can do with Fuco Mail.

  • Instant generation of temporary email addresses via API.
  • Real-time inbox retrieval for OTP, signup and verification flows.
  • Public browser inbox viewer for quick manual inspection.
  • Custom domains supported through the active mailbox domain configuration.

Security

Your data is protected by simple, strict access rules.

  • Bearer token authentication is required for private API routes.
  • Mailboxes created with one API key cannot be read or deleted by another key.
  • Temporary inboxes expire after 7 days.
  • Invalid or missing credentials return a 401 response.

Mailbox Rules

  • Prefixes are normalized to lowercase.
  • Spaces are converted to hyphens and unsupported characters are removed.
  • The stored prefix is limited to 24 characters before any uniqueness suffix is added.
  • If no prefix is provided, a random mailbox is generated automatically.

Error Responses

401 { "error": "Invalid or missing API key" }
403 { "error": "This inbox does not belong to your API key" }
404 { "error": "Inbox not found" }

Use 404 for missing or expired inboxes, and 403 when the mailbox belongs to another API key.

cURL

# Generate email
curl -X POST https://mail.fuco.cc/api/email/generate \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"prefix":"myname"}'

# Get inbox
curl https://mail.fuco.cc/api/email/inbox/myname@fuco.cc \
  -H "Authorization: Bearer YOUR_API_KEY"

# Delete email
curl -X DELETE https://mail.fuco.cc/api/email/remove/myname@fuco.cc \
  -H "Authorization: Bearer YOUR_API_KEY"

JavaScript

const API_KEY = "YOUR_API_KEY";
const API_URL = "https://mail.fuco.cc";

const created = await fetch(`${API_URL}/api/email/generate`, {
  method: "POST",
  headers: {
    "Authorization": `Bearer ${API_KEY}`,
    "Content-Type": "application/json"
  },
  body: JSON.stringify({ prefix: "myname" })
});

const { email } = await created.json();
const inbox = await fetch(`${API_URL}/api/email/inbox/${email}`, {
  headers: { "Authorization": `Bearer ${API_KEY}` }
});

const { emails } = await inbox.json();

Python

import requests

API_KEY = "YOUR_API_KEY"
API_URL = "https://mail.fuco.cc"
headers = {"Authorization": f"Bearer {API_KEY}"}

created = requests.post(
    f"{API_URL}/api/email/generate",
    headers=headers,
    json={"prefix": "myname"}
)
email = created.json()["email"]

inbox = requests.get(f"{API_URL}/api/email/inbox/{email}", headers=headers)
emails = inbox.json()["emails"]

Domain Behavior

All generated emails use the active domain fuco.cc.

  • Generated mailboxes include creation and expiration timestamps.
  • The public inbox endpoint also returns mailbox metadata and source information.
  • Real inbound mail requires the domain MX record to point to the SMTP listener.
  • The SMTP listener only accepts mail for active generated inboxes.

Frequently Asked Questions

  • How do I get an API key? Create it from the dashboard, or ask your workspace admin if you are self-hosting.
  • How long do emails last? Temporary mailboxes expire after 7 days.
  • Can I recover a lost API key? No. Revoke it and create a new one.
  • Can anyone read my mailbox? The authenticated inbox endpoint is private to the API key that created it. The public inbox endpoint is intended for browser viewing when you already know the mailbox address.
  • Can I use my own domain? Yes, as long as the active domain is configured on the server and its MX points to the SMTP listener.