# 2b4d Temp Mail API

> Session-scoped JSON API for creating temporary email addresses, reading inboxes, fetching sanitized message detail, and clearing inboxes on 2b4d.org.

Base URL: https://2b4d.org
Human docs: https://2b4d.org/docs/
Full AI docs: https://2b4d.org/llms-full.txt

## Important behavior

- API is session-cookie scoped.
- Start by calling `POST /api/tempmail/address`; store returned `Set-Cookie` values.
- Send `Cookie: tm_session=...; tm_nonce=...` on inbox/message/clear requests.
- No public CORS headers are emitted.
- Messages expire after 24 hours.
- HTML message bodies are sanitized before storage and return as `sanitized_html_body`.
- API errors are JSON objects with a stable `error` string.

## Supported mail domains

- fuckemail.org
- g3m4.dev
- shineshop.store
- freelet.org

## Endpoints

- `GET /api/tempmail/domains` — list supported domains, alias algorithms, retention, and polling hints.
- `POST /api/tempmail/address` — create or claim an address for the current session.
- `GET /api/tempmail/inbox?email=:email` — list messages for a claimed address.
- `GET /api/tempmail/messages/:id` — fetch full sanitized message detail.
- `DELETE /api/tempmail/inbox?email=:email` — clear visible messages for the current session only.

## Quick example

```bash
curl -i https://2b4d.org/api/tempmail/address \
  -H "Content-Type: application/json" \
  --data '{"random":true,"domain":"g3m4.dev","algorithm":"compact"}'
```

Then use the returned cookies:

```bash
curl 'https://2b4d.org/api/tempmail/inbox?email=YOUR_EMAIL' \
  -H 'Cookie: tm_session=...; tm_nonce=...'
```

See `/llms-full.txt` for full schemas and examples.