Reference For The Full Audit Workflow
This is the complete contract for the Email Domain Trust Auditor API: scored single-domain audits, bulk portfolio checks, same-domain compare, remediation planning, provider discovery, finding catalog access, and report rendering. Use it when you want exact request and response models, not just conceptual docs.
What You Can Inspect Here
Every endpoint, schema, example payload, response header, and validation shape exposed by the public API contract.
Best Used For
SDK generation, backend integrations, workflow automation, and checking exactly how audit, compare, and report calls are modeled.
What Makes This API Different
It is built around public DNS posture, score interpretation, selector-aware DKIM coverage, provider-aware hints, and remediation/report workflows rather than generic DNS lookup output.
/trust/v1/free/audits/domain
Audit a domain — BASIC
Audit one domain and return its score, grade, risk level, and top prioritized findings. The BASIC response intentionally favors high-signal issues and may omit low-priority informational items on otherwise strong domains. Upgrade to a paid plan for the complete findings list, bulk audits, compare, fix-plan, and richer reporting.
Request Body
RequiredBody AuditRequest object
Body of ``POST /v1/free/audits/domain`` and ``POST /v1/pro/audits/domain``.
Email domain to audit (e.g. 'example.com').
Email domain to audit (e.g. 'example.com').
Exact DKIM selectors to check. Use selector names copied from the sending platform when possible because catalog examples are not authoritative for every domain. If omitted, the API may conservatively test common selectors only when a single stable provider match exists; exact provider-issued selectors still produce the most authoritative result.
Exact DKIM selectors to check. Use selector names copied from the sending platform when possible because catalog examples are not authoritative for every domain. If omitted, the API may conservatively test common selectors only when a single stable provider match exists; exact provider-issued selectors still produce the most authoritative result.
Item object object
Whether to fetch and validate the MTA-STS policy file over HTTPS.
Whether to fetch and validate the MTA-STS policy file over HTTPS.
Whether to check for a BIMI DNS record. This is syntax-only validation; it does not verify logo hosting, SVG profile compliance, trademark eligibility, or VMC/CMC certificate trust.
Whether to check for a BIMI DNS record. This is syntax-only validation; it does not verify logo hosting, SVG profile compliance, trademark eligibility, or VMC/CMC certificate trust.
ProviderContext ProviderContext object
Declared mail provider/profile. Accepted canonical ids include: amazon_ses, google_workspace, klaviyo, mailchimp, microsoft_365, sendgrid. Aliases from `/v1/pro/providers` are also accepted and normalized.
Declared mail provider/profile. Accepted canonical ids include: amazon_ses, google_workspace, klaviyo, mailchimp, microsoft_365, sendgrid. Aliases from `/v1/pro/providers` are also accepted and normalized.
Item object object
Item object object
curl -H 'content-type: application/json' \
-H 'X-RapidAPI-Key: YOUR_RAPIDAPI_KEY' \
-H 'X-RapidAPI-Host: email-domain-trust-auditor.p.rapidapi.com' \
-X POST 'https://email-domain-trust-auditor.p.rapidapi.com/trust/v1/free/audits/domain' \
-d '{
"check_bimi": true,
"check_mta_sts_policy": true,
"dkim_selectors": [
"provider-issued-selector-1"
],
"domain": "google.com",
"provider_context": {
"provider": "google_workspace"
}
}'{
"check_bimi": true,
"check_mta_sts_policy": true,
"dkim_selectors": [
"provider-issued-selector-1"
],
"domain": "google.com",
"provider_context": {
"provider": "google_workspace"
}
}200 Successful Response
{
"assessment_confidence": "high",
"audit_id": "eba3de04-9956-4b62-bcb8-23b82eabba1d",
"coverage_summary": "The apex appears intentionally configured as a non-mail domain (null MX + SPF -all). Interpret the score as protective DNS posture, not active sender-program readiness.",
"domain": "example.com",
"enforcement_status": "partial",
"grade": "A+",
"mail_flow_note": "The apex publishes null MX and SPF -all. Treat the score as protective DNS posture for a non-mail apex, not active sender-program readiness.",
"mail_flow_profile": "apex_non_mail_protected",
"risk_level": "low",
"score": 95,
"top_findings": [
{
"check": "dmarc",
"evidence": "Record: v=DMARC1;p=reject;sp=reject;adkim=s;aspf=s | Issues: No 'rua' tag \u2014 aggregate reports will not be received.",
"fix": "Add rua=mailto:<monitored-dmarc-report-mailbox> to receive aggregate reports.",
"id": "dmarc.missing_rua",
"severity": "medium",
"status": "warn",
"title": "DMARC Missing Aggregate Reporting URI"
}
],
"top_recommendations": [
"Add rua=mailto:<monitored-dmarc-report-mailbox> to receive aggregate reports."
],
"upgrade_note": "Upgrade to Pro for full findings, bulk audits, compare, and fix-plan endpoints."
}Response schema FreeAuditResponse object
Trimmed response for the free-tier single-domain audit endpoint. Contains the score, grade, risk level, and a prioritized subset of findings. Upgrade to Pro for the full findings list, score breakdown, provider analysis, bulk audits, compare, and remediation fix-plans.
Unique identifier for this audit run (UUID-4).
Unique identifier for this audit run (UUID-4).
Original domain as submitted.
Original domain as submitted.
Overall trust score (0-100). Read alongside risk level, assessment confidence, and coverage summary; provisional DKIM coverage or critical anti-spoofing gaps can cap the top-line result.
Overall trust score (0-100). Read alongside risk level, assessment confidence, and coverage summary; provisional DKIM coverage or critical anti-spoofing gaps can cap the top-line result.
Letter grade: A+ / A / B / C / D / F. Interpret alongside risk level, assessment confidence, and coverage summary rather than as a standalone safety verdict.
Letter grade: A+ / A / B / C / D / F. Interpret alongside risk level, assessment confidence, and coverage summary rather than as a standalone safety verdict.
Aggregate risk level: critical | high | medium | low.
Aggregate risk level: critical | high | medium | low.
Email authentication enforcement posture: none | partial | full.
Email authentication enforcement posture: none | partial | full.
Visible mail-role classification for the audited apex domain.
Visible mail-role classification for the audited apex domain.
How complete the evidence was for this assessment: high | medium | low.
How complete the evidence was for this assessment: high | medium | low.
What was directly evaluated versus left partially covered or provisional.
What was directly evaluated versus left partially covered or provisional.
Up to 5 prioritized findings. The response prefers critical/high actionable issues, then backfills medium-severity gaps when needed. Low-priority informational findings may be omitted on otherwise strong domains. Upgrade to Pro for the complete findings list.
Up to 5 prioritized findings. The response prefers critical/high actionable issues, then backfills medium-severity gaps when needed. Low-priority informational findings may be omitted on otherwise strong domains. Upgrade to Pro for the complete findings list.
Item object object
Up to 3 highest-priority recommendations. Upgrade to Pro for the full prioritized list and a step-by-step fix plan.
Up to 3 highest-priority recommendations. Upgrade to Pro for the full prioritized list and a step-by-step fix plan.
Item object object
Description of additional capabilities available in the Pro tier.
Description of additional capabilities available in the Pro tier.
Item object object
403 In protected production deployments, direct origin calls without RapidAPI forwarding are rejected. RapidAPI marketplace consumers authenticate through RapidAPI and should not be shown or asked to send X-RapidAPI-Proxy-Secret themselves.
{
"detail": "Forbidden: invalid or missing proxy secret."
}422 Validation Error
Response schema HTTPValidationError object
Item object object
Item object object
/trust/v1/pro/audits/domain
Audit a domain — Paid
Full audit: score, grade, all findings, risk summary, score breakdown, provider analysis, assessment confidence, coverage summary, and recommendations.
Request Body
RequiredBody AuditRequest object
Body of ``POST /v1/free/audits/domain`` and ``POST /v1/pro/audits/domain``.
Email domain to audit (e.g. 'example.com').
Email domain to audit (e.g. 'example.com').
Exact DKIM selectors to check. Use selector names copied from the sending platform when possible because catalog examples are not authoritative for every domain. If omitted, the API may conservatively test common selectors only when a single stable provider match exists; exact provider-issued selectors still produce the most authoritative result.
Exact DKIM selectors to check. Use selector names copied from the sending platform when possible because catalog examples are not authoritative for every domain. If omitted, the API may conservatively test common selectors only when a single stable provider match exists; exact provider-issued selectors still produce the most authoritative result.
Item object object
Whether to fetch and validate the MTA-STS policy file over HTTPS.
Whether to fetch and validate the MTA-STS policy file over HTTPS.
Whether to check for a BIMI DNS record. This is syntax-only validation; it does not verify logo hosting, SVG profile compliance, trademark eligibility, or VMC/CMC certificate trust.
Whether to check for a BIMI DNS record. This is syntax-only validation; it does not verify logo hosting, SVG profile compliance, trademark eligibility, or VMC/CMC certificate trust.
ProviderContext ProviderContext object
Declared mail provider/profile. Accepted canonical ids include: amazon_ses, google_workspace, klaviyo, mailchimp, microsoft_365, sendgrid. Aliases from `/v1/pro/providers` are also accepted and normalized.
Declared mail provider/profile. Accepted canonical ids include: amazon_ses, google_workspace, klaviyo, mailchimp, microsoft_365, sendgrid. Aliases from `/v1/pro/providers` are also accepted and normalized.
Item object object
Item object object
curl -H 'content-type: application/json' \
-H 'X-RapidAPI-Key: YOUR_RAPIDAPI_KEY' \
-H 'X-RapidAPI-Host: email-domain-trust-auditor.p.rapidapi.com' \
-X POST 'https://email-domain-trust-auditor.p.rapidapi.com/trust/v1/pro/audits/domain' \
-d '{
"check_bimi": true,
"check_mta_sts_policy": true,
"dkim_selectors": [
"provider-issued-selector-1"
],
"domain": "google.com",
"provider_context": {
"provider": "google_workspace"
}
}'{
"check_bimi": true,
"check_mta_sts_policy": true,
"dkim_selectors": [
"provider-issued-selector-1"
],
"domain": "google.com",
"provider_context": {
"provider": "google_workspace"
}
}200 Successful Response
{
"audit_id": "f554d658-3b8b-4fd3-96d1-d9a8157d291b",
"audited_at": "2026-04-13T05:21:12.534282Z",
"domain": "example.com",
"findings": [
{
"check": "mx",
"evidence": "MX record is explicitly set to '.' (null MX), indicating the domain does not accept inbound email.",
"id": "mx.null_mx",
"severity": "low",
"status": "not_applicable",
"title": "Null MX Published (No Inbound Mail)"
},
{
"check": "spf",
"evidence": "SPF record found with '-all' (hard-fail). Record: v=spf1 -all",
"id": "spf.pass",
"severity": "low",
"status": "pass",
"title": "SPF Valid"
},
{
"check": "dmarc",
"evidence": "Record: v=DMARC1;p=reject;sp=reject;adkim=s;aspf=s | Issues: No 'rua' tag \u2014 aggregate reports will not be received.",
"fix": "Add rua=mailto:<monitored-dmarc-report-mailbox> to receive aggregate reports.",
"id": "dmarc.missing_rua",
"severity": "medium",
"status": "warn",
"title": "DMARC Missing Aggregate Reporting URI"
}
],
"grade": "A+",
"mail_flow_note": "The apex publishes null MX and SPF -all. Treat the score as protective DNS posture for a non-mail apex, not active sender-program readiness.",
"mail_flow_profile": "apex_non_mail_protected",
"normalized_domain": "example.com",
"raw": {
"_meta": {
"dkim_selectors_supplied": [],
"request_flags": {
"check_bimi": true,
"check_mta_sts_policy": true
}
},
"dmarc": {
"records": [
"v=DMARC1;p=reject;sp=reject;adkim=s;aspf=s"
],
"tags": {
"adkim": "s",
"aspf": "s",
"p": "reject",
"sp": "reject",
"v": "DMARC1"
}
},
"mx": {
"null_mx": true,
"records": [
""
]
},
"spf": {
"records": [
"v=spf1 -all"
]
}
},
"recommendations": [
"Add rua=mailto:<monitored-dmarc-report-mailbox> to receive aggregate reports."
],
"risk": {
"assessment_confidence": "high",
"coverage_summary": "The apex appears intentionally configured as a non-mail domain (null MX + SPF -all). Interpret the score as protective DNS posture, not active sender-program readiness.",
"deliverability_risk": "Low \u2014 the domain publishes a null MX, so inbound delivery is intentionally disabled at the apex.",
"enforcement_status": "partial",
"executive_summary": "The domain received a score of 95/100 (grade A+). The apex appears intentionally configured as a protected non-mail domain; remaining findings are monitoring or coverage gaps, not evidence that an active sender program is only partially enforced.",
"risk_level": "low",
"spoofing_risk": "Low \u2014 the apex publishes null MX and SPF -all, so it appears intentionally configured not to receive or send mail from the apex.",
"top_3_actions": [
"Add rua=mailto:<monitored-dmarc-report-mailbox> to receive aggregate reports."
]
},
"scope": {
"entity_type": "root_domain",
"evaluated_entity": "example.com",
"scope_note": "This audit evaluates the domain's publicly visible email trust posture based on DNS records and, where applicable, the MTA-STS policy file. Some production sending infrastructure may live on subdomains or use provider-managed selectors not fully visible from this scope. DKIM evaluation requires explicit selectors. BIMI validation is syntax-only (VMC certificate verification is not performed)."
},
"score": 95,
"score_breakdown": {
"dkim": {
"earned": 0.0,
"note": "Not applicable to this domain, so it is excluded from the normalized 0-100 breakdown.",
"possible": 0.0,
"status": "not_applicable"
},
"dmarc": {
"earned": 45.0,
"possible": 50.0,
"status": "warn"
},
"mx": {
"earned": 0.0,
"note": "Not applicable to this domain, so it is excluded from the normalized 0-100 breakdown.",
"possible": 0.0,
"status": "not_applicable"
},
"spf": {
"earned": 50.0,
"possible": 50.0,
"status": "pass"
}
},
"score_version": "11"
}Response schema AuditResponse object
Unique identifier for this audit run (UUID-4).
Unique identifier for this audit run (UUID-4).
UTC timestamp when the audit was executed (ISO-8601).
UTC timestamp when the audit was executed (ISO-8601).
Original domain as submitted.
Original domain as submitted.
Domain after normalization (punycode).
Domain after normalization (punycode).
Scope Scope object
The exact domain string that was audited.
The exact domain string that was audited.
Type of entity evaluated: root_domain | subdomain.
Type of entity evaluated: root_domain | subdomain.
Human-readable disclaimer about what this audit covers and what it does not.
Human-readable disclaimer about what this audit covers and what it does not.
Item object object
How to interpret the apex domain's visible mail role: active_mail_domain, apex_non_mail_protected, apex_inbound_disabled, apex_outbound_or_subdomain_mail_possible, or mail_role_unknown.
How to interpret the apex domain's visible mail role: active_mail_domain, apex_non_mail_protected, apex_inbound_disabled, apex_outbound_or_subdomain_mail_possible, or mail_role_unknown.
Overall trust score (0-100). Read alongside risk, assessment confidence, and coverage notes; critical anti-spoofing gaps or provisional DKIM coverage can cap the top-line result.
Overall trust score (0-100). Read alongside risk, assessment confidence, and coverage notes; critical anti-spoofing gaps or provisional DKIM coverage can cap the top-line result.
Scoring model version (for reproducibility).
Scoring model version (for reproducibility).
Per-check score breakdown showing earned vs possible normalised points. Included checks sum to roughly 100 possible points; excluded checks show 0 possible with an explanatory note.
Score Breakdown Score Breakdown object
Per-check score breakdown showing earned vs possible normalised points. Included checks sum to roughly 100 possible points; excluded checks show 0 possible with an explanatory note.
Dictionary value ScoreBreakdownEntry object
Normalised points earned for this check.
Normalised points earned for this check.
Maximum normalised points available for this check within the current 0-100 scoring basis. Checks excluded from scoring report 0.0 here and explain why in `note`.
Maximum normalised points available for this check within the current 0-100 scoring basis. Checks excluded from scoring report 0.0 here and explain why in `note`.
Finding status used for scoring.
Finding status used for scoring.
Item object object
Item object object
Letter grade: A+ / A / B / C / D / F. Interpret alongside risk, assessment confidence, and coverage summary rather than as a standalone safety verdict.
Letter grade: A+ / A / B / C / D / F. Interpret alongside risk, assessment confidence, and coverage summary rather than as a standalone safety verdict.
RiskSummary RiskSummary object
One-paragraph human-readable overview of the domain's email trust posture.
One-paragraph human-readable overview of the domain's email trust posture.
critical | high | medium | low
critical | high | medium | low
How exposed the domain is to email spoofing.
How exposed the domain is to email spoofing.
How likely legitimate email is to be rejected or junked.
How likely legitimate email is to be rejected or junked.
none | partial | full
none | partial | full
How complete the evidence was for this assessment: high | medium | low.
How complete the evidence was for this assessment: high | medium | low.
What was directly evaluated versus left partially covered or provisional.
What was directly evaluated versus left partially covered or provisional.
The three highest-priority actions the domain owner should take.
The three highest-priority actions the domain owner should take.
Item object object
Item object object
Item object object
Prioritised list of actionable recommendations.
Prioritised list of actionable recommendations.
Item object object
Raw data from each check, keyed by check category.
Raw Raw object
Raw data from each check, keyed by check category.
Additional object keys are allowed with arbitrary JSON values.
Item object object
ProviderAnalysis ProviderAnalysis object
Primary provider/profile selected by declared context or DNS heuristics. For inferred analysis this is not a complete account inventory; inspect `matched_providers`, `secondary_providers`, warnings, and verification steps.
Primary provider/profile selected by declared context or DNS heuristics. For inferred analysis this is not a complete account inventory; inspect `matched_providers`, `secondary_providers`, warnings, and verification steps.
How the provider was identified: declared | inferred.
How the provider was identified: declared | inferred.
Item object object
Item object object
Item object object
All provider profiles whose SPF evidence matched this domain. Useful when multiple sending platforms appear in the same SPF record.
All provider profiles whose SPF evidence matched this domain. Useful when multiple sending platforms appear in the same SPF record.
Item object object
Additional matched providers beyond the primary `provider` field.
Additional matched providers beyond the primary `provider` field.
Item object object
Confidence in the inferred provider heuristic: high | medium | low.
Confidence in the inferred provider heuristic: high | medium | low.
Common selector names or patterns associated with this provider. Treat them as discovery hints to verify, not authoritative selector inventories.
Common selector names or patterns associated with this provider. Treat them as discovery hints to verify, not authoritative selector inventories.
Item object object
Item object object
none | low | medium | high
none | low | medium | high
Item object object
Item object object
Item object object
403 In protected production deployments, direct origin calls without RapidAPI forwarding are rejected. RapidAPI marketplace consumers authenticate through RapidAPI and should not be shown or asked to send X-RapidAPI-Proxy-Secret themselves.
{
"detail": "Forbidden: invalid or missing proxy secret."
}422 Validation Error
Response schema HTTPValidationError object
Item object object
Item object object
/trust/v1/pro/audits/domain/{domain}
Audit a domain — Paid (GET)
Full findings, score breakdown, and provider analysis. Pass DKIM selectors as repeated ?dkim_selectors= params.
Parameters
DKIM selectors to check (repeat for multiple).
curl -H 'X-RapidAPI-Key: YOUR_RAPIDAPI_KEY' \
-H 'X-RapidAPI-Host: email-domain-trust-auditor.p.rapidapi.com' \
'https://email-domain-trust-auditor.p.rapidapi.com/trust/v1/pro/audits/domain/{domain}'200 Successful Response
{
"audit_id": "f554d658-3b8b-4fd3-96d1-d9a8157d291b",
"audited_at": "2026-04-13T05:21:12.534282Z",
"domain": "example.com",
"findings": [
{
"check": "mx",
"evidence": "MX record is explicitly set to '.' (null MX), indicating the domain does not accept inbound email.",
"id": "mx.null_mx",
"severity": "low",
"status": "not_applicable",
"title": "Null MX Published (No Inbound Mail)"
},
{
"check": "spf",
"evidence": "SPF record found with '-all' (hard-fail). Record: v=spf1 -all",
"id": "spf.pass",
"severity": "low",
"status": "pass",
"title": "SPF Valid"
},
{
"check": "dmarc",
"evidence": "Record: v=DMARC1;p=reject;sp=reject;adkim=s;aspf=s | Issues: No 'rua' tag \u2014 aggregate reports will not be received.",
"fix": "Add rua=mailto:<monitored-dmarc-report-mailbox> to receive aggregate reports.",
"id": "dmarc.missing_rua",
"severity": "medium",
"status": "warn",
"title": "DMARC Missing Aggregate Reporting URI"
}
],
"grade": "A+",
"mail_flow_note": "The apex publishes null MX and SPF -all. Treat the score as protective DNS posture for a non-mail apex, not active sender-program readiness.",
"mail_flow_profile": "apex_non_mail_protected",
"normalized_domain": "example.com",
"raw": {
"_meta": {
"dkim_selectors_supplied": [],
"request_flags": {
"check_bimi": true,
"check_mta_sts_policy": true
}
},
"dmarc": {
"records": [
"v=DMARC1;p=reject;sp=reject;adkim=s;aspf=s"
],
"tags": {
"adkim": "s",
"aspf": "s",
"p": "reject",
"sp": "reject",
"v": "DMARC1"
}
},
"mx": {
"null_mx": true,
"records": [
""
]
},
"spf": {
"records": [
"v=spf1 -all"
]
}
},
"recommendations": [
"Add rua=mailto:<monitored-dmarc-report-mailbox> to receive aggregate reports."
],
"risk": {
"assessment_confidence": "high",
"coverage_summary": "The apex appears intentionally configured as a non-mail domain (null MX + SPF -all). Interpret the score as protective DNS posture, not active sender-program readiness.",
"deliverability_risk": "Low \u2014 the domain publishes a null MX, so inbound delivery is intentionally disabled at the apex.",
"enforcement_status": "partial",
"executive_summary": "The domain received a score of 95/100 (grade A+). The apex appears intentionally configured as a protected non-mail domain; remaining findings are monitoring or coverage gaps, not evidence that an active sender program is only partially enforced.",
"risk_level": "low",
"spoofing_risk": "Low \u2014 the apex publishes null MX and SPF -all, so it appears intentionally configured not to receive or send mail from the apex.",
"top_3_actions": [
"Add rua=mailto:<monitored-dmarc-report-mailbox> to receive aggregate reports."
]
},
"scope": {
"entity_type": "root_domain",
"evaluated_entity": "example.com",
"scope_note": "This audit evaluates the domain's publicly visible email trust posture based on DNS records and, where applicable, the MTA-STS policy file. Some production sending infrastructure may live on subdomains or use provider-managed selectors not fully visible from this scope. DKIM evaluation requires explicit selectors. BIMI validation is syntax-only (VMC certificate verification is not performed)."
},
"score": 95,
"score_breakdown": {
"dkim": {
"earned": 0.0,
"note": "Not applicable to this domain, so it is excluded from the normalized 0-100 breakdown.",
"possible": 0.0,
"status": "not_applicable"
},
"dmarc": {
"earned": 45.0,
"possible": 50.0,
"status": "warn"
},
"mx": {
"earned": 0.0,
"note": "Not applicable to this domain, so it is excluded from the normalized 0-100 breakdown.",
"possible": 0.0,
"status": "not_applicable"
},
"spf": {
"earned": 50.0,
"possible": 50.0,
"status": "pass"
}
},
"score_version": "11"
}Response schema AuditResponse object
Unique identifier for this audit run (UUID-4).
Unique identifier for this audit run (UUID-4).
UTC timestamp when the audit was executed (ISO-8601).
UTC timestamp when the audit was executed (ISO-8601).
Original domain as submitted.
Original domain as submitted.
Domain after normalization (punycode).
Domain after normalization (punycode).
Scope Scope object
The exact domain string that was audited.
The exact domain string that was audited.
Type of entity evaluated: root_domain | subdomain.
Type of entity evaluated: root_domain | subdomain.
Human-readable disclaimer about what this audit covers and what it does not.
Human-readable disclaimer about what this audit covers and what it does not.
Item object object
How to interpret the apex domain's visible mail role: active_mail_domain, apex_non_mail_protected, apex_inbound_disabled, apex_outbound_or_subdomain_mail_possible, or mail_role_unknown.
How to interpret the apex domain's visible mail role: active_mail_domain, apex_non_mail_protected, apex_inbound_disabled, apex_outbound_or_subdomain_mail_possible, or mail_role_unknown.
Overall trust score (0-100). Read alongside risk, assessment confidence, and coverage notes; critical anti-spoofing gaps or provisional DKIM coverage can cap the top-line result.
Overall trust score (0-100). Read alongside risk, assessment confidence, and coverage notes; critical anti-spoofing gaps or provisional DKIM coverage can cap the top-line result.
Scoring model version (for reproducibility).
Scoring model version (for reproducibility).
Per-check score breakdown showing earned vs possible normalised points. Included checks sum to roughly 100 possible points; excluded checks show 0 possible with an explanatory note.
Score Breakdown Score Breakdown object
Per-check score breakdown showing earned vs possible normalised points. Included checks sum to roughly 100 possible points; excluded checks show 0 possible with an explanatory note.
Dictionary value ScoreBreakdownEntry object
Normalised points earned for this check.
Normalised points earned for this check.
Maximum normalised points available for this check within the current 0-100 scoring basis. Checks excluded from scoring report 0.0 here and explain why in `note`.
Maximum normalised points available for this check within the current 0-100 scoring basis. Checks excluded from scoring report 0.0 here and explain why in `note`.
Finding status used for scoring.
Finding status used for scoring.
Item object object
Item object object
Letter grade: A+ / A / B / C / D / F. Interpret alongside risk, assessment confidence, and coverage summary rather than as a standalone safety verdict.
Letter grade: A+ / A / B / C / D / F. Interpret alongside risk, assessment confidence, and coverage summary rather than as a standalone safety verdict.
RiskSummary RiskSummary object
One-paragraph human-readable overview of the domain's email trust posture.
One-paragraph human-readable overview of the domain's email trust posture.
critical | high | medium | low
critical | high | medium | low
How exposed the domain is to email spoofing.
How exposed the domain is to email spoofing.
How likely legitimate email is to be rejected or junked.
How likely legitimate email is to be rejected or junked.
none | partial | full
none | partial | full
How complete the evidence was for this assessment: high | medium | low.
How complete the evidence was for this assessment: high | medium | low.
What was directly evaluated versus left partially covered or provisional.
What was directly evaluated versus left partially covered or provisional.
The three highest-priority actions the domain owner should take.
The three highest-priority actions the domain owner should take.
Item object object
Item object object
Item object object
Prioritised list of actionable recommendations.
Prioritised list of actionable recommendations.
Item object object
Raw data from each check, keyed by check category.
Raw Raw object
Raw data from each check, keyed by check category.
Additional object keys are allowed with arbitrary JSON values.
Item object object
ProviderAnalysis ProviderAnalysis object
Primary provider/profile selected by declared context or DNS heuristics. For inferred analysis this is not a complete account inventory; inspect `matched_providers`, `secondary_providers`, warnings, and verification steps.
Primary provider/profile selected by declared context or DNS heuristics. For inferred analysis this is not a complete account inventory; inspect `matched_providers`, `secondary_providers`, warnings, and verification steps.
How the provider was identified: declared | inferred.
How the provider was identified: declared | inferred.
Item object object
Item object object
Item object object
All provider profiles whose SPF evidence matched this domain. Useful when multiple sending platforms appear in the same SPF record.
All provider profiles whose SPF evidence matched this domain. Useful when multiple sending platforms appear in the same SPF record.
Item object object
Additional matched providers beyond the primary `provider` field.
Additional matched providers beyond the primary `provider` field.
Item object object
Confidence in the inferred provider heuristic: high | medium | low.
Confidence in the inferred provider heuristic: high | medium | low.
Common selector names or patterns associated with this provider. Treat them as discovery hints to verify, not authoritative selector inventories.
Common selector names or patterns associated with this provider. Treat them as discovery hints to verify, not authoritative selector inventories.
Item object object
Item object object
none | low | medium | high
none | low | medium | high
Item object object
Item object object
Item object object
403 In protected production deployments, direct origin calls without RapidAPI forwarding are rejected. RapidAPI marketplace consumers authenticate through RapidAPI and should not be shown or asked to send X-RapidAPI-Proxy-Secret themselves.
{
"detail": "Forbidden: invalid or missing proxy secret."
}422 Validation Error
Response schema HTTPValidationError object
Item object object
Item object object
/trust/v1/pro/audits/domains
Audit multiple domains — bulk
Audit up to 50 domains in one request. Set include_reports=false when you only need top-line per-domain previews plus the aggregate summary, not nested full reports. X-Audit-Units-Consumed reports the exact charge.
Request Body
RequiredBody BulkAuditRequest object
Item object object
Item object object
When false, omit nested full audit reports and return per-domain previews only to reduce payload size.
When false, omit nested full audit reports and return per-domain previews only to reduce payload size.
ProviderContext ProviderContext object
Declared mail provider/profile. Accepted canonical ids include: amazon_ses, google_workspace, klaviyo, mailchimp, microsoft_365, sendgrid. Aliases from `/v1/pro/providers` are also accepted and normalized.
Declared mail provider/profile. Accepted canonical ids include: amazon_ses, google_workspace, klaviyo, mailchimp, microsoft_365, sendgrid. Aliases from `/v1/pro/providers` are also accepted and normalized.
Item object object
Item object object
curl -H 'content-type: application/json' \
-H 'X-RapidAPI-Key: YOUR_RAPIDAPI_KEY' \
-H 'X-RapidAPI-Host: email-domain-trust-auditor.p.rapidapi.com' \
-X POST 'https://email-domain-trust-auditor.p.rapidapi.com/trust/v1/pro/audits/domains' \
-d '{
"check_bimi": true,
"check_mta_sts_policy": true,
"default_dkim_selectors": [
"provider-issued-selector-1",
"provider-issued-selector-2"
],
"domains": [
{
"dkim_selectors": [
"provider-issued-selector-1"
],
"domain": "example.com"
},
{
"domain": "example.org"
}
],
"include_reports": false,
"provider_context": {
"provider": "microsoft_365"
}
}'{
"check_bimi": true,
"check_mta_sts_policy": true,
"default_dkim_selectors": [
"provider-issued-selector-1",
"provider-issued-selector-2"
],
"domains": [
{
"dkim_selectors": [
"provider-issued-selector-1"
],
"domain": "example.com"
},
{
"domain": "example.org"
}
],
"include_reports": false,
"provider_context": {
"provider": "microsoft_365"
}
}200 Successful Response
{
"results": [
{
"assessment_confidence": "high",
"audit_id": "baacf6a8-062c-4d4f-b8ef-0abb5f1a7a3e",
"coverage_summary": "The apex appears intentionally configured as a non-mail domain (null MX + SPF -all). Interpret the score as protective DNS posture, not active sender-program readiness.",
"domain": "example.com",
"grade": "A+",
"mail_flow_note": "The apex publishes null MX and SPF -all. Treat the score as protective DNS posture for a non-mail apex, not active sender-program readiness.",
"mail_flow_profile": "apex_non_mail_protected",
"risk_level": "low",
"score": 95,
"success": true
}
],
"summary": {
"common_blocker_categories": {
"dmarc": 1
},
"critical_failure_domains": [],
"domains_dkim_not_evaluated": [],
"domains_missing_dmarc": [],
"domains_missing_or_invalid_dmarc": [],
"domains_with_invalid_dmarc": [],
"domains_with_weak_spf": [],
"enforcement_ready_domains": [],
"failure_count": 0,
"finding_counts": {
"dmarc.missing_rua": 1,
"mx.null_mx": 1,
"spf.pass": 1
},
"grade_counts": {
"A+": 1
},
"highest_deliverability_risk_domains": [],
"highest_spoofing_risk_domains": [],
"prioritized_next_actions": [
"Address recurring blocker category: dmarc:1"
],
"provider_mismatch_domains": [],
"score_band_counts": {
"90-100": 1
},
"strongest_domains": [
"example.com"
],
"success_count": 1,
"top_recommendations": [
"example.com: Add rua=mailto:<monitored-dmarc-report-mailbox> to receive aggregate reports."
],
"total_domains": 1,
"weakest_domains": []
}
}Response schema BulkAuditResponse object
Item object object
BulkSummary BulkSummary object
Grade Counts Grade Counts object
Item object object
Score Band Counts Score Band Counts object
Item object object
Finding Counts Finding Counts object
Item object object
Item object object
Domains with no DMARC record at `_dmarc.
Domains with no DMARC record at `_dmarc.
Item object object
Domains where `_dmarc.
Domains where `_dmarc.
Item object object
Combined list of domains with missing or invalid DMARC posture.
Combined list of domains with missing or invalid DMARC posture.
Item object object
Item object object
Item object object
Item object object
Item object object
Item object object
Item object object
Item object object
Item object object
Item object object
Common Blocker Categories Common Blocker Categories object
Item object object
Item object object
Item object object
Item object object
403 In protected production deployments, direct origin calls without RapidAPI forwarding are rejected. RapidAPI marketplace consumers authenticate through RapidAPI and should not be shown or asked to send X-RapidAPI-Proxy-Secret themselves.
{
"detail": "Forbidden: invalid or missing proxy secret."
}422 Validation Error
Response schema HTTPValidationError object
Item object object
Item object object
/trust/v1/pro/audits/compare
Compare two audit reports
Diff two audit results and surface improvements, regressions, and unchanged findings. Both sides must represent the same normalized domain. If DKIM selector methodology, optional check coverage, or provider-analysis context change between runs, the response includes comparability warnings and neutral coverage deltas so you can distinguish methodology drift from real posture change. Costs 0 if both sides supply a pre-existing report, 1 per side that triggers a fresh audit. X-Audit-Units-Consumed reports the actual charge.
Request Body
RequiredBody AuditCompareRequest object
CompareInput CompareInput object
Option 1 object object
Item object object
Option 2 object object
Item object object
AuditResponse AuditResponse object
Unique identifier for this audit run (UUID-4).
Unique identifier for this audit run (UUID-4).
UTC timestamp when the audit was executed (ISO-8601).
UTC timestamp when the audit was executed (ISO-8601).
Original domain as submitted.
Original domain as submitted.
Domain after normalization (punycode).
Domain after normalization (punycode).
Scope Scope object
The exact domain string that was audited.
The exact domain string that was audited.
Type of entity evaluated: root_domain | subdomain.
Type of entity evaluated: root_domain | subdomain.
Human-readable disclaimer about what this audit covers and what it does not.
Human-readable disclaimer about what this audit covers and what it does not.
Item object object
How to interpret the apex domain's visible mail role: active_mail_domain, apex_non_mail_protected, apex_inbound_disabled, apex_outbound_or_subdomain_mail_possible, or mail_role_unknown.
How to interpret the apex domain's visible mail role: active_mail_domain, apex_non_mail_protected, apex_inbound_disabled, apex_outbound_or_subdomain_mail_possible, or mail_role_unknown.
Overall trust score (0-100). Read alongside risk, assessment confidence, and coverage notes; critical anti-spoofing gaps or provisional DKIM coverage can cap the top-line result.
Overall trust score (0-100). Read alongside risk, assessment confidence, and coverage notes; critical anti-spoofing gaps or provisional DKIM coverage can cap the top-line result.
Scoring model version (for reproducibility).
Scoring model version (for reproducibility).
Per-check score breakdown showing earned vs possible normalised points. Included checks sum to roughly 100 possible points; excluded checks show 0 possible with an explanatory note.
Score Breakdown Score Breakdown object
Per-check score breakdown showing earned vs possible normalised points. Included checks sum to roughly 100 possible points; excluded checks show 0 possible with an explanatory note.
Dictionary value ScoreBreakdownEntry object
Normalised points earned for this check.
Normalised points earned for this check.
Maximum normalised points available for this check within the current 0-100 scoring basis. Checks excluded from scoring report 0.0 here and explain why in `note`.
Maximum normalised points available for this check within the current 0-100 scoring basis. Checks excluded from scoring report 0.0 here and explain why in `note`.
Finding status used for scoring.
Finding status used for scoring.
Item object object
Item object object
Letter grade: A+ / A / B / C / D / F. Interpret alongside risk, assessment confidence, and coverage summary rather than as a standalone safety verdict.
Letter grade: A+ / A / B / C / D / F. Interpret alongside risk, assessment confidence, and coverage summary rather than as a standalone safety verdict.
RiskSummary RiskSummary object
One-paragraph human-readable overview of the domain's email trust posture.
One-paragraph human-readable overview of the domain's email trust posture.
critical | high | medium | low
critical | high | medium | low
How exposed the domain is to email spoofing.
How exposed the domain is to email spoofing.
How likely legitimate email is to be rejected or junked.
How likely legitimate email is to be rejected or junked.
none | partial | full
none | partial | full
How complete the evidence was for this assessment: high | medium | low.
How complete the evidence was for this assessment: high | medium | low.
What was directly evaluated versus left partially covered or provisional.
What was directly evaluated versus left partially covered or provisional.
The three highest-priority actions the domain owner should take.
The three highest-priority actions the domain owner should take.
Item object object
Item object object
Item object object
Prioritised list of actionable recommendations.
Prioritised list of actionable recommendations.
Item object object
Raw data from each check, keyed by check category.
Raw Raw object
Raw data from each check, keyed by check category.
Additional object keys are allowed with arbitrary JSON values.
Item object object
ProviderAnalysis ProviderAnalysis object
Primary provider/profile selected by declared context or DNS heuristics. For inferred analysis this is not a complete account inventory; inspect `matched_providers`, `secondary_providers`, warnings, and verification steps.
Primary provider/profile selected by declared context or DNS heuristics. For inferred analysis this is not a complete account inventory; inspect `matched_providers`, `secondary_providers`, warnings, and verification steps.
How the provider was identified: declared | inferred.
How the provider was identified: declared | inferred.
Item object object
Item object object
Item object object
All provider profiles whose SPF evidence matched this domain. Useful when multiple sending platforms appear in the same SPF record.
All provider profiles whose SPF evidence matched this domain. Useful when multiple sending platforms appear in the same SPF record.
Item object object
Additional matched providers beyond the primary `provider` field.
Additional matched providers beyond the primary `provider` field.
Item object object
Confidence in the inferred provider heuristic: high | medium | low.
Confidence in the inferred provider heuristic: high | medium | low.
Common selector names or patterns associated with this provider. Treat them as discovery hints to verify, not authoritative selector inventories.
Common selector names or patterns associated with this provider. Treat them as discovery hints to verify, not authoritative selector inventories.
Item object object
Item object object
none | low | medium | high
none | low | medium | high
Item object object
Item object object
Item object object
Body of ``POST /v1/free/audits/domain`` and ``POST /v1/pro/audits/domain``.
AuditRequest AuditRequest object
Body of ``POST /v1/free/audits/domain`` and ``POST /v1/pro/audits/domain``.
Email domain to audit (e.g. 'example.com').
Email domain to audit (e.g. 'example.com').
Exact DKIM selectors to check. Use selector names copied from the sending platform when possible because catalog examples are not authoritative for every domain. If omitted, the API may conservatively test common selectors only when a single stable provider match exists; exact provider-issued selectors still produce the most authoritative result.
Exact DKIM selectors to check. Use selector names copied from the sending platform when possible because catalog examples are not authoritative for every domain. If omitted, the API may conservatively test common selectors only when a single stable provider match exists; exact provider-issued selectors still produce the most authoritative result.
Item object object
Whether to fetch and validate the MTA-STS policy file over HTTPS.
Whether to fetch and validate the MTA-STS policy file over HTTPS.
Whether to check for a BIMI DNS record. This is syntax-only validation; it does not verify logo hosting, SVG profile compliance, trademark eligibility, or VMC/CMC certificate trust.
Whether to check for a BIMI DNS record. This is syntax-only validation; it does not verify logo hosting, SVG profile compliance, trademark eligibility, or VMC/CMC certificate trust.
ProviderContext ProviderContext object
Declared mail provider/profile. Accepted canonical ids include: amazon_ses, google_workspace, klaviyo, mailchimp, microsoft_365, sendgrid. Aliases from `/v1/pro/providers` are also accepted and normalized.
Declared mail provider/profile. Accepted canonical ids include: amazon_ses, google_workspace, klaviyo, mailchimp, microsoft_365, sendgrid. Aliases from `/v1/pro/providers` are also accepted and normalized.
Item object object
Item object object
Item object object
CompareInput CompareInput object
Option 1 object object
Item object object
Option 2 object object
Item object object
AuditResponse AuditResponse object
Unique identifier for this audit run (UUID-4).
Unique identifier for this audit run (UUID-4).
UTC timestamp when the audit was executed (ISO-8601).
UTC timestamp when the audit was executed (ISO-8601).
Original domain as submitted.
Original domain as submitted.
Domain after normalization (punycode).
Domain after normalization (punycode).
Scope Scope object
The exact domain string that was audited.
The exact domain string that was audited.
Type of entity evaluated: root_domain | subdomain.
Type of entity evaluated: root_domain | subdomain.
Human-readable disclaimer about what this audit covers and what it does not.
Human-readable disclaimer about what this audit covers and what it does not.
Item object object
How to interpret the apex domain's visible mail role: active_mail_domain, apex_non_mail_protected, apex_inbound_disabled, apex_outbound_or_subdomain_mail_possible, or mail_role_unknown.
How to interpret the apex domain's visible mail role: active_mail_domain, apex_non_mail_protected, apex_inbound_disabled, apex_outbound_or_subdomain_mail_possible, or mail_role_unknown.
Overall trust score (0-100). Read alongside risk, assessment confidence, and coverage notes; critical anti-spoofing gaps or provisional DKIM coverage can cap the top-line result.
Overall trust score (0-100). Read alongside risk, assessment confidence, and coverage notes; critical anti-spoofing gaps or provisional DKIM coverage can cap the top-line result.
Scoring model version (for reproducibility).
Scoring model version (for reproducibility).
Per-check score breakdown showing earned vs possible normalised points. Included checks sum to roughly 100 possible points; excluded checks show 0 possible with an explanatory note.
Score Breakdown Score Breakdown object
Per-check score breakdown showing earned vs possible normalised points. Included checks sum to roughly 100 possible points; excluded checks show 0 possible with an explanatory note.
Dictionary value ScoreBreakdownEntry object
Normalised points earned for this check.
Normalised points earned for this check.
Maximum normalised points available for this check within the current 0-100 scoring basis. Checks excluded from scoring report 0.0 here and explain why in `note`.
Maximum normalised points available for this check within the current 0-100 scoring basis. Checks excluded from scoring report 0.0 here and explain why in `note`.
Finding status used for scoring.
Finding status used for scoring.
Item object object
Item object object
Letter grade: A+ / A / B / C / D / F. Interpret alongside risk, assessment confidence, and coverage summary rather than as a standalone safety verdict.
Letter grade: A+ / A / B / C / D / F. Interpret alongside risk, assessment confidence, and coverage summary rather than as a standalone safety verdict.
RiskSummary RiskSummary object
One-paragraph human-readable overview of the domain's email trust posture.
One-paragraph human-readable overview of the domain's email trust posture.
critical | high | medium | low
critical | high | medium | low
How exposed the domain is to email spoofing.
How exposed the domain is to email spoofing.
How likely legitimate email is to be rejected or junked.
How likely legitimate email is to be rejected or junked.
none | partial | full
none | partial | full
How complete the evidence was for this assessment: high | medium | low.
How complete the evidence was for this assessment: high | medium | low.
What was directly evaluated versus left partially covered or provisional.
What was directly evaluated versus left partially covered or provisional.
The three highest-priority actions the domain owner should take.
The three highest-priority actions the domain owner should take.
Item object object
Item object object
Item object object
Prioritised list of actionable recommendations.
Prioritised list of actionable recommendations.
Item object object
Raw data from each check, keyed by check category.
Raw Raw object
Raw data from each check, keyed by check category.
Additional object keys are allowed with arbitrary JSON values.
Item object object
ProviderAnalysis ProviderAnalysis object
Primary provider/profile selected by declared context or DNS heuristics. For inferred analysis this is not a complete account inventory; inspect `matched_providers`, `secondary_providers`, warnings, and verification steps.
Primary provider/profile selected by declared context or DNS heuristics. For inferred analysis this is not a complete account inventory; inspect `matched_providers`, `secondary_providers`, warnings, and verification steps.
How the provider was identified: declared | inferred.
How the provider was identified: declared | inferred.
Item object object
Item object object
Item object object
All provider profiles whose SPF evidence matched this domain. Useful when multiple sending platforms appear in the same SPF record.
All provider profiles whose SPF evidence matched this domain. Useful when multiple sending platforms appear in the same SPF record.
Item object object
Additional matched providers beyond the primary `provider` field.
Additional matched providers beyond the primary `provider` field.
Item object object
Confidence in the inferred provider heuristic: high | medium | low.
Confidence in the inferred provider heuristic: high | medium | low.
Common selector names or patterns associated with this provider. Treat them as discovery hints to verify, not authoritative selector inventories.
Common selector names or patterns associated with this provider. Treat them as discovery hints to verify, not authoritative selector inventories.
Item object object
Item object object
none | low | medium | high
none | low | medium | high
Item object object
Item object object
Item object object
Body of ``POST /v1/free/audits/domain`` and ``POST /v1/pro/audits/domain``.
AuditRequest AuditRequest object
Body of ``POST /v1/free/audits/domain`` and ``POST /v1/pro/audits/domain``.
Email domain to audit (e.g. 'example.com').
Email domain to audit (e.g. 'example.com').
Exact DKIM selectors to check. Use selector names copied from the sending platform when possible because catalog examples are not authoritative for every domain. If omitted, the API may conservatively test common selectors only when a single stable provider match exists; exact provider-issued selectors still produce the most authoritative result.
Exact DKIM selectors to check. Use selector names copied from the sending platform when possible because catalog examples are not authoritative for every domain. If omitted, the API may conservatively test common selectors only when a single stable provider match exists; exact provider-issued selectors still produce the most authoritative result.
Item object object
Whether to fetch and validate the MTA-STS policy file over HTTPS.
Whether to fetch and validate the MTA-STS policy file over HTTPS.
Whether to check for a BIMI DNS record. This is syntax-only validation; it does not verify logo hosting, SVG profile compliance, trademark eligibility, or VMC/CMC certificate trust.
Whether to check for a BIMI DNS record. This is syntax-only validation; it does not verify logo hosting, SVG profile compliance, trademark eligibility, or VMC/CMC certificate trust.
ProviderContext ProviderContext object
Declared mail provider/profile. Accepted canonical ids include: amazon_ses, google_workspace, klaviyo, mailchimp, microsoft_365, sendgrid. Aliases from `/v1/pro/providers` are also accepted and normalized.
Declared mail provider/profile. Accepted canonical ids include: amazon_ses, google_workspace, klaviyo, mailchimp, microsoft_365, sendgrid. Aliases from `/v1/pro/providers` are also accepted and normalized.
Item object object
Item object object
Item object object
Item object object
curl -H 'content-type: application/json' \
-H 'X-RapidAPI-Key: YOUR_RAPIDAPI_KEY' \
-H 'X-RapidAPI-Host: email-domain-trust-auditor.p.rapidapi.com' \
-X POST 'https://email-domain-trust-auditor.p.rapidapi.com/trust/v1/pro/audits/compare' \
-d '{
"current": {
"request": {
"dkim_selectors": [
"provider-issued-selector-1"
],
"domain": "example.com"
}
},
"previous": {
"request": {
"domain": "example.com"
}
}
}'{
"current": {
"request": {
"dkim_selectors": [
"provider-issued-selector-1"
],
"domain": "example.com"
}
},
"previous": {
"request": {
"domain": "example.com"
}
}
}200 Successful Response
{
"added_findings": [
{
"check": "dkim",
"current_status": "not_applicable",
"id": "dkim.none_valid"
}
],
"check_deltas": [
{
"check": "dmarc",
"current_status": "warn",
"impact": "unchanged",
"previous_status": "warn"
}
],
"comparability_warnings": [
"DKIM selector inputs changed between reports (previous: not_provided [none]; current: provided [provider-issued-selector-1]). Score differences may reflect evaluation coverage rather than a real posture change."
],
"compared_domain": "example.com",
"current_grade": "A+",
"current_score": 95,
"grade_changed": false,
"improved_findings": [],
"operator_summary": [
"Comparison includes methodology changes; interpret score deltas cautiously.",
"Raw score was unchanged across non-equivalent inputs (A+ -> A+)."
],
"previous_grade": "A+",
"previous_score": 95,
"recommendation_delta": {
"added": [],
"resolved": [],
"unchanged": [
"Add rua=mailto:<monitored-dmarc-report-mailbox> to receive aggregate reports."
]
},
"resolved_findings": [
{
"check": "dkim",
"id": "dkim.not_evaluated",
"previous_status": "not_applicable"
}
],
"score_delta": 0,
"summary": "Comparison includes methodology changes; interpret score deltas cautiously. Raw score moved by +0 (A+ -> A+).",
"top_improvements": [],
"top_regressions": [],
"unchanged_findings": [
{
"check": "dmarc",
"current_status": "warn",
"id": "dmarc.missing_rua",
"previous_status": "warn"
}
],
"worsened_findings": []
}Response schema AuditComparisonResponse object
Normalized domain shared by both compared reports.
Normalized domain shared by both compared reports.
Item object object
Item object object
Item object object
Item object object
Item object object
Recommendation Delta Recommendation Delta object
Item object object
Item object object
Warnings about changed methodology or context that can make score deltas less trustworthy.
Warnings about changed methodology or context that can make score deltas less trustworthy.
Item object object
Item object object
Item object object
Highest-impact comparable posture regressions. Coverage-only changes stay in `comparability_warnings` and `check_deltas`.
Highest-impact comparable posture regressions. Coverage-only changes stay in `comparability_warnings` and `check_deltas`.
Item object object
Highest-impact comparable posture improvements. Coverage-only changes stay in `comparability_warnings` and `check_deltas`.
Highest-impact comparable posture improvements. Coverage-only changes stay in `comparability_warnings` and `check_deltas`.
Item object object
Item object object
403 In protected production deployments, direct origin calls without RapidAPI forwarding are rejected. RapidAPI marketplace consumers authenticate through RapidAPI and should not be shown or asked to send X-RapidAPI-Proxy-Secret themselves.
{
"detail": "Forbidden: invalid or missing proxy secret."
}422 Validation Error
Response schema HTTPValidationError object
Item object object
Item object object
/trust/v1/pro/audits/fix-plan
Get a remediation plan
Generate a prioritized, step-by-step remediation plan. Costs 0 if you supply a pre-existing report; costs 1 if you supply a request (triggering a fresh audit). X-Audit-Units-Consumed reports the actual charge.
Request Body
RequiredBody FixPlanRequest object
Option 1 object object
Item object object
Option 2 object object
Item object object
AuditResponse AuditResponse object
Unique identifier for this audit run (UUID-4).
Unique identifier for this audit run (UUID-4).
UTC timestamp when the audit was executed (ISO-8601).
UTC timestamp when the audit was executed (ISO-8601).
Original domain as submitted.
Original domain as submitted.
Domain after normalization (punycode).
Domain after normalization (punycode).
Scope Scope object
The exact domain string that was audited.
The exact domain string that was audited.
Type of entity evaluated: root_domain | subdomain.
Type of entity evaluated: root_domain | subdomain.
Human-readable disclaimer about what this audit covers and what it does not.
Human-readable disclaimer about what this audit covers and what it does not.
Item object object
How to interpret the apex domain's visible mail role: active_mail_domain, apex_non_mail_protected, apex_inbound_disabled, apex_outbound_or_subdomain_mail_possible, or mail_role_unknown.
How to interpret the apex domain's visible mail role: active_mail_domain, apex_non_mail_protected, apex_inbound_disabled, apex_outbound_or_subdomain_mail_possible, or mail_role_unknown.
Overall trust score (0-100). Read alongside risk, assessment confidence, and coverage notes; critical anti-spoofing gaps or provisional DKIM coverage can cap the top-line result.
Overall trust score (0-100). Read alongside risk, assessment confidence, and coverage notes; critical anti-spoofing gaps or provisional DKIM coverage can cap the top-line result.
Scoring model version (for reproducibility).
Scoring model version (for reproducibility).
Per-check score breakdown showing earned vs possible normalised points. Included checks sum to roughly 100 possible points; excluded checks show 0 possible with an explanatory note.
Score Breakdown Score Breakdown object
Per-check score breakdown showing earned vs possible normalised points. Included checks sum to roughly 100 possible points; excluded checks show 0 possible with an explanatory note.
Dictionary value ScoreBreakdownEntry object
Normalised points earned for this check.
Normalised points earned for this check.
Maximum normalised points available for this check within the current 0-100 scoring basis. Checks excluded from scoring report 0.0 here and explain why in `note`.
Maximum normalised points available for this check within the current 0-100 scoring basis. Checks excluded from scoring report 0.0 here and explain why in `note`.
Finding status used for scoring.
Finding status used for scoring.
Item object object
Item object object
Letter grade: A+ / A / B / C / D / F. Interpret alongside risk, assessment confidence, and coverage summary rather than as a standalone safety verdict.
Letter grade: A+ / A / B / C / D / F. Interpret alongside risk, assessment confidence, and coverage summary rather than as a standalone safety verdict.
RiskSummary RiskSummary object
One-paragraph human-readable overview of the domain's email trust posture.
One-paragraph human-readable overview of the domain's email trust posture.
critical | high | medium | low
critical | high | medium | low
How exposed the domain is to email spoofing.
How exposed the domain is to email spoofing.
How likely legitimate email is to be rejected or junked.
How likely legitimate email is to be rejected or junked.
none | partial | full
none | partial | full
How complete the evidence was for this assessment: high | medium | low.
How complete the evidence was for this assessment: high | medium | low.
What was directly evaluated versus left partially covered or provisional.
What was directly evaluated versus left partially covered or provisional.
The three highest-priority actions the domain owner should take.
The three highest-priority actions the domain owner should take.
Item object object
Item object object
Item object object
Prioritised list of actionable recommendations.
Prioritised list of actionable recommendations.
Item object object
Raw data from each check, keyed by check category.
Raw Raw object
Raw data from each check, keyed by check category.
Additional object keys are allowed with arbitrary JSON values.
Item object object
ProviderAnalysis ProviderAnalysis object
Primary provider/profile selected by declared context or DNS heuristics. For inferred analysis this is not a complete account inventory; inspect `matched_providers`, `secondary_providers`, warnings, and verification steps.
Primary provider/profile selected by declared context or DNS heuristics. For inferred analysis this is not a complete account inventory; inspect `matched_providers`, `secondary_providers`, warnings, and verification steps.
How the provider was identified: declared | inferred.
How the provider was identified: declared | inferred.
Item object object
Item object object
Item object object
All provider profiles whose SPF evidence matched this domain. Useful when multiple sending platforms appear in the same SPF record.
All provider profiles whose SPF evidence matched this domain. Useful when multiple sending platforms appear in the same SPF record.
Item object object
Additional matched providers beyond the primary `provider` field.
Additional matched providers beyond the primary `provider` field.
Item object object
Confidence in the inferred provider heuristic: high | medium | low.
Confidence in the inferred provider heuristic: high | medium | low.
Common selector names or patterns associated with this provider. Treat them as discovery hints to verify, not authoritative selector inventories.
Common selector names or patterns associated with this provider. Treat them as discovery hints to verify, not authoritative selector inventories.
Item object object
Item object object
none | low | medium | high
none | low | medium | high
Item object object
Item object object
Item object object
Body of ``POST /v1/free/audits/domain`` and ``POST /v1/pro/audits/domain``.
AuditRequest AuditRequest object
Body of ``POST /v1/free/audits/domain`` and ``POST /v1/pro/audits/domain``.
Email domain to audit (e.g. 'example.com').
Email domain to audit (e.g. 'example.com').
Exact DKIM selectors to check. Use selector names copied from the sending platform when possible because catalog examples are not authoritative for every domain. If omitted, the API may conservatively test common selectors only when a single stable provider match exists; exact provider-issued selectors still produce the most authoritative result.
Exact DKIM selectors to check. Use selector names copied from the sending platform when possible because catalog examples are not authoritative for every domain. If omitted, the API may conservatively test common selectors only when a single stable provider match exists; exact provider-issued selectors still produce the most authoritative result.
Item object object
Whether to fetch and validate the MTA-STS policy file over HTTPS.
Whether to fetch and validate the MTA-STS policy file over HTTPS.
Whether to check for a BIMI DNS record. This is syntax-only validation; it does not verify logo hosting, SVG profile compliance, trademark eligibility, or VMC/CMC certificate trust.
Whether to check for a BIMI DNS record. This is syntax-only validation; it does not verify logo hosting, SVG profile compliance, trademark eligibility, or VMC/CMC certificate trust.
ProviderContext ProviderContext object
Declared mail provider/profile. Accepted canonical ids include: amazon_ses, google_workspace, klaviyo, mailchimp, microsoft_365, sendgrid. Aliases from `/v1/pro/providers` are also accepted and normalized.
Declared mail provider/profile. Accepted canonical ids include: amazon_ses, google_workspace, klaviyo, mailchimp, microsoft_365, sendgrid. Aliases from `/v1/pro/providers` are also accepted and normalized.
Item object object
Item object object
Item object object
curl -H 'content-type: application/json' \
-H 'X-RapidAPI-Key: YOUR_RAPIDAPI_KEY' \
-H 'X-RapidAPI-Host: email-domain-trust-auditor.p.rapidapi.com' \
-X POST 'https://email-domain-trust-auditor.p.rapidapi.com/trust/v1/pro/audits/fix-plan' \
-d '{
"request": {
"domain": "example.com",
"provider_context": {
"provider": "amazon_ses"
}
}
}'{
"request": {
"domain": "example.com",
"provider_context": {
"provider": "amazon_ses"
}
}
}200 Successful Response
{
"domain": "example.com",
"exact_remediations": [],
"manual_review_needed": [],
"priority_summary": [
"P1: dmarc.missing_rua (safe_now, low risk)"
],
"template_remediations": [
{
"actionability": "template",
"application_risk": "low",
"confidence_level": "medium",
"confidence_note": "Built from the observed DMARC tags, but the aggregate-reporting mailbox must be chosen and monitored by the operator.",
"dependency_notes": [
"Preserve the existing DMARC policy tags while adding rua."
],
"dns_name": "_dmarc.example.com",
"evidence_basis": [
"finding:dmarc.missing_rua"
],
"issue_id": "dmarc.missing_rua",
"operation": "replace",
"preconditions": [
"Choose and monitor the aggregate-reporting mailbox before publishing the updated DMARC record."
],
"priority": "p1",
"proposed_value_template": "v=DMARC1; p=reject; sp=reject; rua=mailto:<monitored-dmarc-report-mailbox>; adkim=s; aspf=s",
"rationale": "Aggregate reports help validate ongoing DMARC enforcement and spot alignment drift.",
"record_type": "TXT",
"rollout_strategy": "safe_now",
"verify_after_change": [
"dig +short TXT _dmarc.example.com",
"Confirm aggregate DMARC reports begin arriving at the configured mailbox."
],
"why_it_matters": "DMARC reporting visibility is missing even though policy enforcement exists."
}
]
}Response schema RemediationPlan object
Item object object
Item object object
Item object object
Item object object
Item object object
403 In protected production deployments, direct origin calls without RapidAPI forwarding are rejected. RapidAPI marketplace consumers authenticate through RapidAPI and should not be shown or asked to send X-RapidAPI-Proxy-Secret themselves.
{
"detail": "Forbidden: invalid or missing proxy secret."
}422 Validation Error
Response schema HTTPValidationError object
Item object object
Item object object
/trust/v1/pro/providers
List supported email providers
Returns curated provider profiles the engine knows about. Use the id as provider_context.provider in audit requests. Any DKIM selector examples are discovery hints only, not authoritative inventories.
curl -H 'X-RapidAPI-Key: YOUR_RAPIDAPI_KEY' \
-H 'X-RapidAPI-Host: email-domain-trust-auditor.p.rapidapi.com' \
'https://email-domain-trust-auditor.p.rapidapi.com/trust/v1/pro/providers'200 Successful Response
Response schema ProviderListResponse object
Response from ``GET /v1/pro/providers``.
Item object object
Item object object
403 In protected production deployments, direct origin calls without RapidAPI forwarding are rejected. RapidAPI marketplace consumers authenticate through RapidAPI and should not be shown or asked to send X-RapidAPI-Proxy-Secret themselves.
{
"detail": "Forbidden: invalid or missing proxy secret."
}/trust/v1/pro/findings/catalog
List all finding definitions
curl -H 'X-RapidAPI-Key: YOUR_RAPIDAPI_KEY' \
-H 'X-RapidAPI-Host: email-domain-trust-auditor.p.rapidapi.com' \
'https://email-domain-trust-auditor.p.rapidapi.com/trust/v1/pro/findings/catalog'200 Successful Response
Response schema FindingCatalogResponse object
Response from ``GET /v1/pro/findings/catalog``.
Item object object
Item object object
403 In protected production deployments, direct origin calls without RapidAPI forwarding are rejected. RapidAPI marketplace consumers authenticate through RapidAPI and should not be shown or asked to send X-RapidAPI-Proxy-Secret themselves.
{
"detail": "Forbidden: invalid or missing proxy secret."
}/trust/v1/pro/reports/domain
Render an audit report
Render an audit as HTML or structured JSON with executive summary, findings, score breakdown, assessment confidence, and coverage notes. format="html" returns JSON with the HTML string in content; it does not change the HTTP response media type to text/html. Supply either: - request: {"domain": "example.com"} — triggers a fresh audit (costs 1 audit) - report: a pre-existing AuditResponse object — renders immediately (costs 0 audits) X-Audit-Units-Consumed reports the actual charge.
Request Body
RequiredBody ReportRequest object
Body of ``POST /v1/pro/reports/domain``. Supply **either** ``report`` (a pre-existing ``AuditResponse``, costs 0 audits) **or** ``request`` (an ``AuditRequest`` triggering a fresh audit, costs 1 audit).
Option 1 object object
Item object object
Option 2 object object
Item object object
AuditResponse AuditResponse object
Unique identifier for this audit run (UUID-4).
Unique identifier for this audit run (UUID-4).
UTC timestamp when the audit was executed (ISO-8601).
UTC timestamp when the audit was executed (ISO-8601).
Original domain as submitted.
Original domain as submitted.
Domain after normalization (punycode).
Domain after normalization (punycode).
Scope Scope object
The exact domain string that was audited.
The exact domain string that was audited.
Type of entity evaluated: root_domain | subdomain.
Type of entity evaluated: root_domain | subdomain.
Human-readable disclaimer about what this audit covers and what it does not.
Human-readable disclaimer about what this audit covers and what it does not.
Item object object
How to interpret the apex domain's visible mail role: active_mail_domain, apex_non_mail_protected, apex_inbound_disabled, apex_outbound_or_subdomain_mail_possible, or mail_role_unknown.
How to interpret the apex domain's visible mail role: active_mail_domain, apex_non_mail_protected, apex_inbound_disabled, apex_outbound_or_subdomain_mail_possible, or mail_role_unknown.
Overall trust score (0-100). Read alongside risk, assessment confidence, and coverage notes; critical anti-spoofing gaps or provisional DKIM coverage can cap the top-line result.
Overall trust score (0-100). Read alongside risk, assessment confidence, and coverage notes; critical anti-spoofing gaps or provisional DKIM coverage can cap the top-line result.
Scoring model version (for reproducibility).
Scoring model version (for reproducibility).
Per-check score breakdown showing earned vs possible normalised points. Included checks sum to roughly 100 possible points; excluded checks show 0 possible with an explanatory note.
Score Breakdown Score Breakdown object
Per-check score breakdown showing earned vs possible normalised points. Included checks sum to roughly 100 possible points; excluded checks show 0 possible with an explanatory note.
Dictionary value ScoreBreakdownEntry object
Normalised points earned for this check.
Normalised points earned for this check.
Maximum normalised points available for this check within the current 0-100 scoring basis. Checks excluded from scoring report 0.0 here and explain why in `note`.
Maximum normalised points available for this check within the current 0-100 scoring basis. Checks excluded from scoring report 0.0 here and explain why in `note`.
Finding status used for scoring.
Finding status used for scoring.
Item object object
Item object object
Letter grade: A+ / A / B / C / D / F. Interpret alongside risk, assessment confidence, and coverage summary rather than as a standalone safety verdict.
Letter grade: A+ / A / B / C / D / F. Interpret alongside risk, assessment confidence, and coverage summary rather than as a standalone safety verdict.
RiskSummary RiskSummary object
One-paragraph human-readable overview of the domain's email trust posture.
One-paragraph human-readable overview of the domain's email trust posture.
critical | high | medium | low
critical | high | medium | low
How exposed the domain is to email spoofing.
How exposed the domain is to email spoofing.
How likely legitimate email is to be rejected or junked.
How likely legitimate email is to be rejected or junked.
none | partial | full
none | partial | full
How complete the evidence was for this assessment: high | medium | low.
How complete the evidence was for this assessment: high | medium | low.
What was directly evaluated versus left partially covered or provisional.
What was directly evaluated versus left partially covered or provisional.
The three highest-priority actions the domain owner should take.
The three highest-priority actions the domain owner should take.
Item object object
Item object object
Item object object
Prioritised list of actionable recommendations.
Prioritised list of actionable recommendations.
Item object object
Raw data from each check, keyed by check category.
Raw Raw object
Raw data from each check, keyed by check category.
Additional object keys are allowed with arbitrary JSON values.
Item object object
ProviderAnalysis ProviderAnalysis object
Primary provider/profile selected by declared context or DNS heuristics. For inferred analysis this is not a complete account inventory; inspect `matched_providers`, `secondary_providers`, warnings, and verification steps.
Primary provider/profile selected by declared context or DNS heuristics. For inferred analysis this is not a complete account inventory; inspect `matched_providers`, `secondary_providers`, warnings, and verification steps.
How the provider was identified: declared | inferred.
How the provider was identified: declared | inferred.
Item object object
Item object object
Item object object
All provider profiles whose SPF evidence matched this domain. Useful when multiple sending platforms appear in the same SPF record.
All provider profiles whose SPF evidence matched this domain. Useful when multiple sending platforms appear in the same SPF record.
Item object object
Additional matched providers beyond the primary `provider` field.
Additional matched providers beyond the primary `provider` field.
Item object object
Confidence in the inferred provider heuristic: high | medium | low.
Confidence in the inferred provider heuristic: high | medium | low.
Common selector names or patterns associated with this provider. Treat them as discovery hints to verify, not authoritative selector inventories.
Common selector names or patterns associated with this provider. Treat them as discovery hints to verify, not authoritative selector inventories.
Item object object
Item object object
none | low | medium | high
none | low | medium | high
Item object object
Item object object
Item object object
Body of ``POST /v1/free/audits/domain`` and ``POST /v1/pro/audits/domain``.
AuditRequest AuditRequest object
Body of ``POST /v1/free/audits/domain`` and ``POST /v1/pro/audits/domain``.
Email domain to audit (e.g. 'example.com').
Email domain to audit (e.g. 'example.com').
Exact DKIM selectors to check. Use selector names copied from the sending platform when possible because catalog examples are not authoritative for every domain. If omitted, the API may conservatively test common selectors only when a single stable provider match exists; exact provider-issued selectors still produce the most authoritative result.
Exact DKIM selectors to check. Use selector names copied from the sending platform when possible because catalog examples are not authoritative for every domain. If omitted, the API may conservatively test common selectors only when a single stable provider match exists; exact provider-issued selectors still produce the most authoritative result.
Item object object
Whether to fetch and validate the MTA-STS policy file over HTTPS.
Whether to fetch and validate the MTA-STS policy file over HTTPS.
Whether to check for a BIMI DNS record. This is syntax-only validation; it does not verify logo hosting, SVG profile compliance, trademark eligibility, or VMC/CMC certificate trust.
Whether to check for a BIMI DNS record. This is syntax-only validation; it does not verify logo hosting, SVG profile compliance, trademark eligibility, or VMC/CMC certificate trust.
ProviderContext ProviderContext object
Declared mail provider/profile. Accepted canonical ids include: amazon_ses, google_workspace, klaviyo, mailchimp, microsoft_365, sendgrid. Aliases from `/v1/pro/providers` are also accepted and normalized.
Declared mail provider/profile. Accepted canonical ids include: amazon_ses, google_workspace, klaviyo, mailchimp, microsoft_365, sendgrid. Aliases from `/v1/pro/providers` are also accepted and normalized.
Item object object
Item object object
Output format: 'html' returns a complete HTML document as a string in the JSON `content` field; 'structured' returns a dict in `content`.
Output format: 'html' returns a complete HTML document as a string in the JSON `content` field; 'structured' returns a dict in `content`.
Item object object
curl -H 'content-type: application/json' \
-H 'X-RapidAPI-Key: YOUR_RAPIDAPI_KEY' \
-H 'X-RapidAPI-Host: email-domain-trust-auditor.p.rapidapi.com' \
-X POST 'https://email-domain-trust-auditor.p.rapidapi.com/trust/v1/pro/reports/domain' \
-d '{
"format": "html",
"request": {
"domain": "example.com"
}
}'{
"format": "html",
"request": {
"domain": "example.com"
}
}200 Successful Response
{
"content": {
"assessment_confidence": "high",
"coverage_summary": "The apex appears intentionally configured as a non-mail domain (null MX + SPF -all).",
"domain": "example.com",
"executive_summary": "The apex appears intentionally configured as a protected non-mail domain; remaining findings are monitoring or coverage gaps.",
"findings": [
{
"check": "dmarc",
"evidence": "Record: v=DMARC1;p=reject;sp=reject;adkim=s;aspf=s | Issues: No 'rua' tag \u2014 aggregate reports will not be received.",
"fix": "Add rua=mailto:<monitored-dmarc-report-mailbox> to receive aggregate reports.",
"id": "dmarc.missing_rua",
"severity": "medium",
"status": "warn",
"title": "DMARC Missing Aggregate Reporting URI"
}
],
"grade": "A+",
"header": {
"assessment_confidence": "high",
"domain": "example.com",
"grade": "A+",
"mail_flow_profile": "apex_non_mail_protected",
"risk_level": "low",
"score": 95
},
"mail_flow_profile": "apex_non_mail_protected",
"recommendations": [
"Add rua=mailto:<monitored-dmarc-report-mailbox> to receive aggregate reports."
],
"risk_level": "low",
"score": 95,
"score_breakdown": {
"dmarc": {
"earned": 45.0,
"possible": 50.0,
"status": "warn"
},
"spf": {
"earned": 50.0,
"possible": 50.0,
"status": "pass"
}
},
"title": "Email Domain Trust Report: example.com"
},
"format": "structured"
}Response schema ReportResponse object
Response from ``POST /v1/pro/reports/domain``.
The format that was rendered ('html' or 'structured').
The format that was rendered ('html' or 'structured').
Rendered report content. HTML format is returned as a string inside this JSON field.
Content Content object
Rendered report content. HTML format is returned as a string inside this JSON field.
Item object object
Item object object
403 In protected production deployments, direct origin calls without RapidAPI forwarding are rejected. RapidAPI marketplace consumers authenticate through RapidAPI and should not be shown or asked to send X-RapidAPI-Proxy-Secret themselves.
{
"detail": "Forbidden: invalid or missing proxy secret."
}422 Validation Error
Response schema HTTPValidationError object
Item object object
Item object object
/health
Health check
Operational readiness endpoint.
curl -H 'X-RapidAPI-Key: YOUR_RAPIDAPI_KEY' \
-H 'X-RapidAPI-Host: email-domain-trust-auditor.p.rapidapi.com' \
'https://email-domain-trust-auditor.p.rapidapi.com/health'200 Successful Response
Response schema Response Health Health Get object
Item object object
/v1/provider-presets
Provider presets
Return provider-aware DNS hints, common MX patterns, SPF includes, and common DKIM selector presets.
curl -H 'X-RapidAPI-Key: YOUR_RAPIDAPI_KEY' \
-H 'X-RapidAPI-Host: email-domain-trust-auditor.p.rapidapi.com' \
'https://email-domain-trust-auditor.p.rapidapi.com/v1/provider-presets'200 Successful Response
/v1/findings-catalog
Findings catalog
Return the catalog of stable finding IDs used across audit responses.
curl -H 'X-RapidAPI-Key: YOUR_RAPIDAPI_KEY' \
-H 'X-RapidAPI-Host: email-domain-trust-auditor.p.rapidapi.com' \
'https://email-domain-trust-auditor.p.rapidapi.com/v1/findings-catalog'200 Successful Response
/v1/dmarc-lookup/{domain}
DMARC lookup
Lookup and parse the DMARC TXT record for a domain.
Parameters
curl -H 'X-RapidAPI-Key: YOUR_RAPIDAPI_KEY' \
-H 'X-RapidAPI-Host: email-domain-trust-auditor.p.rapidapi.com' \
'https://email-domain-trust-auditor.p.rapidapi.com/v1/dmarc-lookup/{domain}'200 Successful Response
422 Validation Error
Response schema HTTPValidationError object
Item object object
Item object object
/v1/spf-lookup/{domain}
SPF lookup
Lookup and parse the SPF TXT record for a domain, including best-effort DNS lookup counting.
Parameters
curl -H 'X-RapidAPI-Key: YOUR_RAPIDAPI_KEY' \
-H 'X-RapidAPI-Host: email-domain-trust-auditor.p.rapidapi.com' \
'https://email-domain-trust-auditor.p.rapidapi.com/v1/spf-lookup/{domain}'200 Successful Response
422 Validation Error
Response schema HTTPValidationError object
Item object object
Item object object
/v1/dkim-check
DKIM check
Check exact or provider-preset DKIM selectors for a domain.
Request Body
RequiredBody DKIMCheckRequest object
Domain to check.
Domain to check.
Exact or likely DKIM selectors to test.
Exact or likely DKIM selectors to test.
Item object object
Item object object
curl -H 'content-type: application/json' \
-H 'X-RapidAPI-Key: YOUR_RAPIDAPI_KEY' \
-H 'X-RapidAPI-Host: email-domain-trust-auditor.p.rapidapi.com' \
-X POST 'https://email-domain-trust-auditor.p.rapidapi.com/v1/dkim-check' \
-d '{
"domain": "example.com",
"provider_hint": "google_workspace",
"selectors": [
"google",
"selector1",
"selector2",
"default",
"mail",
"k1"
]
}'{
"domain": "example.com",
"provider_hint": "google_workspace",
"selectors": [
"google",
"selector1",
"selector2",
"default",
"mail",
"k1"
]
}200 Successful Response
422 Validation Error
Response schema HTTPValidationError object
Item object object
Item object object
/v1/mx-lookup/{domain}
MX lookup
Lookup MX records and guess the likely provider based on MX and SPF signals.
Parameters
curl -H 'X-RapidAPI-Key: YOUR_RAPIDAPI_KEY' \
-H 'X-RapidAPI-Host: email-domain-trust-auditor.p.rapidapi.com' \
'https://email-domain-trust-auditor.p.rapidapi.com/v1/mx-lookup/{domain}'200 Successful Response
422 Validation Error
Response schema HTTPValidationError object
Item object object
Item object object
/v1/email-auth-audit/{domain}
Email authentication audit
Main RapidAPI-friendly audit endpoint. Enter a domain and click Run.
Parameters
Comma-separated selector list.
curl -H 'X-RapidAPI-Key: YOUR_RAPIDAPI_KEY' \
-H 'X-RapidAPI-Host: email-domain-trust-auditor.p.rapidapi.com' \
'https://email-domain-trust-auditor.p.rapidapi.com/v1/email-auth-audit/{domain}'200 Successful Response
422 Validation Error
Response schema HTTPValidationError object
Item object object
Item object object
/v1/bulk/email-auth-audit
Bulk email authentication audit
Audit multiple domains in one synchronous request. Continues processing when one domain fails.
Request Body
RequiredBody BulkAuditRequest object
List of domains to audit.
List of domains to audit.
Item object object
Include raw DNS evidence in nested audit results where available.
Include raw DNS evidence in nested audit results where available.
Include staged fix plans for each domain when supported.
Include staged fix plans for each domain when supported.
Nested schema object object
Item object object
Item object object
curl -H 'content-type: application/json' \
-H 'X-RapidAPI-Key: YOUR_RAPIDAPI_KEY' \
-H 'X-RapidAPI-Host: email-domain-trust-auditor.p.rapidapi.com' \
-X POST 'https://email-domain-trust-auditor.p.rapidapi.com/v1/bulk/email-auth-audit' \
-d '{
"domains": [
"example.com",
"clientdomain.com",
"startup.io"
],
"include_fix_plan": false,
"include_raw": false,
"provider_hints": {
"clientdomain.com": "microsoft_365",
"example.com": "google_workspace"
},
"webhook_url": "https://hooks.example.com/audit-results"
}'{
"domains": [
"example.com",
"clientdomain.com",
"startup.io"
],
"include_fix_plan": false,
"include_raw": false,
"provider_hints": {
"clientdomain.com": "microsoft_365",
"example.com": "google_workspace"
},
"webhook_url": "https://hooks.example.com/audit-results"
}200 Successful Response
422 Validation Error
Response schema HTTPValidationError object
Item object object
Item object object
/v1/fix-plan
Fix plan
Generate a provider-aware staged fix plan from an audit status summary.
Request Body
RequiredBody FixPlanRequest object
Domain the plan applies to.
Domain the plan applies to.
Compact top-line audit statuses.
Audit Audit object
Compact top-line audit statuses.
Item object object
Item object object
curl -H 'content-type: application/json' \
-H 'X-RapidAPI-Key: YOUR_RAPIDAPI_KEY' \
-H 'X-RapidAPI-Host: email-domain-trust-auditor.p.rapidapi.com' \
-X POST 'https://email-domain-trust-auditor.p.rapidapi.com/v1/fix-plan' \
-d '{
"audit": {
"bimi": "missing",
"dkim": "unknown",
"dmarc": "warning",
"mta_sts": "missing",
"mx": "pass",
"spf": "pass",
"tls_rpt": "missing"
},
"domain": "example.com",
"goal": "safe_enforcement",
"provider_hint": "google_workspace"
}'{
"audit": {
"bimi": "missing",
"dkim": "unknown",
"dmarc": "warning",
"mta_sts": "missing",
"mx": "pass",
"spf": "pass",
"tls_rpt": "missing"
},
"domain": "example.com",
"goal": "safe_enforcement",
"provider_hint": "google_workspace"
}200 Successful Response
422 Validation Error
Response schema HTTPValidationError object
Item object object
Item object object
/v1/bulk/jobs/{job_id}
Bulk job status
Return the status of an asynchronous bulk audit job.
Parameters
curl -H 'X-RapidAPI-Key: YOUR_RAPIDAPI_KEY' \
-H 'X-RapidAPI-Host: email-domain-trust-auditor.p.rapidapi.com' \
'https://email-domain-trust-auditor.p.rapidapi.com/v1/bulk/jobs/{job_id}'200 Successful Response
422 Validation Error
Response schema HTTPValidationError object
Item object object
Item object object
/v1/dns-records/{domain}
DNS records snapshot
Return TXT and MX records for a domain.
Parameters
curl -H 'X-RapidAPI-Key: YOUR_RAPIDAPI_KEY' \
-H 'X-RapidAPI-Host: email-domain-trust-auditor.p.rapidapi.com' \
'https://email-domain-trust-auditor.p.rapidapi.com/v1/dns-records/{domain}'200 Successful Response
422 Validation Error
Response schema HTTPValidationError object
Item object object
Item object object
/v1/mta-sts-check/{domain}
MTA-STS check
Check for an MTA-STS DNS record and optional hosted policy file.
Parameters
curl -H 'X-RapidAPI-Key: YOUR_RAPIDAPI_KEY' \
-H 'X-RapidAPI-Host: email-domain-trust-auditor.p.rapidapi.com' \
'https://email-domain-trust-auditor.p.rapidapi.com/v1/mta-sts-check/{domain}'200 Successful Response
422 Validation Error
Response schema HTTPValidationError object
Item object object
Item object object
/v1/tls-rpt-check/{domain}
TLS-RPT check
Check for a TLS-RPT record at _smtp._tls.
Parameters
curl -H 'X-RapidAPI-Key: YOUR_RAPIDAPI_KEY' \
-H 'X-RapidAPI-Host: email-domain-trust-auditor.p.rapidapi.com' \
'https://email-domain-trust-auditor.p.rapidapi.com/v1/tls-rpt-check/{domain}'200 Successful Response
422 Validation Error
Response schema HTTPValidationError object
Item object object
Item object object
/v1/bimi-check/{domain}
BIMI check
Check for a BIMI TXT record at default._bimi.
Parameters
curl -H 'X-RapidAPI-Key: YOUR_RAPIDAPI_KEY' \
-H 'X-RapidAPI-Host: email-domain-trust-auditor.p.rapidapi.com' \
'https://email-domain-trust-auditor.p.rapidapi.com/v1/bimi-check/{domain}'200 Successful Response
422 Validation Error
Response schema HTTPValidationError object
Item object object
Item object object
/v1/compare-audits
Compare audits
Run two audits and compare top-line score and grade.
Request Body
RequiredBody CompareAuditsRequest object
Item object object
curl -H 'content-type: application/json' \
-H 'X-RapidAPI-Key: YOUR_RAPIDAPI_KEY' \
-H 'X-RapidAPI-Host: email-domain-trust-auditor.p.rapidapi.com' \
-X POST 'https://email-domain-trust-auditor.p.rapidapi.com/v1/compare-audits' \
-d '{
"current_domain": "example.net",
"previous_domain": "example.com"
}'{
"current_domain": "example.net",
"previous_domain": "example.com"
}