Email Finder API: Verified Email Lookups for Your Product

Endpoints

Three primary endpoints, all REST + JSON:

`POST /v1/find` — find an email from one of seven input types (domain, name+company, LinkedIn URL, social handle + platform, Google Maps query, etc.). Returns verified email + confidence + source.

`POST /v1/verify` — verify an email you already have. Returns Valid / Risky / Invalid + reason code. Half the credit cost of /find.

`POST /v1/bulk` — submit up to 10,000 inputs in one request, receive a job ID, poll or receive webhook callback when complete. Same row-level data as the bulk email finder UI.

Full OpenAPI spec, code samples in 6 languages, and a Postman collection on the dashboard.

Authentication & rate limits

API keys are scoped per-workspace and rotatable from settings. Pass as `Authorization: Bearer <key>` header.

Default rate limits:

- Find / Verify: 100 req/sec, burst to 200. - Bulk: 5 jobs concurrent, no per-row rate limit (we manage internal concurrency). - Webhook delivery: retried 3 times with exponential backoff per Stripe's webhook reliability pattern.

Enterprise plans lift these limits — see pricing or contact.

Pricing model

Pay-per-hit, not pay-per-call. This is the single biggest difference between EmailSneak's API and most competitors:

- A `/find` call that returns a verified email = 1 credit - A `/find` call that returns no email found = 0 credits - A `/verify` call (returned result regardless of valid/invalid) = 0.5 credits

Most competitors charge per request. On a workload with 60% coverage, that's a 67% pricing penalty for the same delivered emails. The economics matter at API scale.

Webhooks

Bulk job completion, verification result changes (e.g., a previously-Valid email goes Invalid), and credit balance thresholds all support webhook delivery.

Every webhook payload is signed with HMAC-SHA256 in the `X-EmailSneak-Signature` header. Validate before processing — sample verification code in the docs.

Webhook timeouts: 5 seconds. Beyond that we treat as failure and retry. Per W3C Webhooks guidance and the Standard Webhooks spec, keep your handler fast and async.

Common integrations

What our API customers most commonly build:

• Auto-enrichment in their own CRM — when a lead lands with name + company, fire `/find` and write the verified email to the lead record.
• On-demand verification at form submission — protect signup forms from bad data by hitting `/verify` server-side.
• Social-first lead generation flows — accept a social handle from a user, return a verified email + name + role for downstream personalization.
• Internal dashboards — replace a spreadsheet of "emails to verify" with a real-time UI backed by the API.

Reliability and SLAs

99.9% uptime SLA on paid plans, measured monthly. Status page at status.emailsneak.com (linked from the changelog).

We maintain redundant SMTP verification infrastructure across two regions (US-East, EU-West) to protect against single-region outages affecting verification accuracy. Per the 12-factor app principles, all deploy-time config is environment-based and zero-downtime.

Getting started

Sign up free at /signup → settings → API → generate a key. Free tier includes 25 lookup credits to test the API end-to-end. Production usage starts at $19/mo (see pricing) with credit packs for variable workloads.

Frequently asked questions

Is there a free tier on the API?

Yes — same free credit allotment as the web app (~25 verified lookups), usable through the API with no separate signup.

What's the maximum bulk job size?

10,000 inputs per /bulk request. For larger workloads, submit multiple jobs in parallel — there's no daily cap on jobs submitted.

Does the API support GDPR data residency in the EU?

Yes on enterprise plans — verification and storage routed exclusively through our EU-West infrastructure with a signed Data Processing Agreement. Contact us via /contact for details.

How do you charge for retried calls?

Network-level retries on your side don't double-charge — we deduplicate calls within a 60-second window using the optional `Idempotency-Key` header. If you don't pass the header and re-submit, that's a new billable call.

Can I use the API for real-time form validation?

Yes, /verify is fast enough (~600ms p95) for inline form UX. We recommend rate-limiting on your side per-user to avoid burning credits on abusive submissions.

Sources & references

1. Standard Webhooks specification— Standard Webhooks
2. Stripe webhook best practices— Stripe
3. 12-Factor App methodology— Heroku / Adam Wiggins
4. RFC 5321 — SMTP— IETF

Try EmailSneak free

Find the right people on the platforms they actually use, then send fewer, better emails. No credit card required.