API Documentation

Not sure where to start? Не знаешь с чего начать?

🎬 Watch the video guide 🎬 Посмотри видео-гайд Click to quickly understand how it works Нажми, чтобы быстро разобраться 📭 No emails available? 📭 Нет почт в наличии? Learn what to do in this case Узнай, что делать в таком случае
⚠️ IMAP Issues: IMAP access is currently unstable. This is a problem on Microsoft's side and is not related to the quality of the accounts. Please use web login or Graph API. We recommend not buying large quantities of emails just to test IMAP functionality.
How to connect via Graph API?

Email Purchase Tool

Enter your key(s) below to check balance or purchase emails. You can enter multiple keys, one per line.

Enter your key(s):
Results:

API Documentation

1. Check User Balance 1. Проверка баланса пользователя

Retrieve the balance associated with a user's key.

GET https://ss-mail.org/balance?apikey=USER_KEY

  • apikey: User's key for authentication. The key you received after purchase.
Example Request: https://ss-mail.org/balance?apikey=HLKfsnGmPoXJPecYtNXu8DAehGDzkiGoxJc7rw6Z
Example Response: 
{
  "apikey": "USER_KEY",
  "balance": 50
}

2. Check Email Stock 2. Проверка наличия почт

Retrieve the number of available emails for purchase.

GET https://ss-mail.org/instock

Example Response: 
{
  "hotmail.com": 120,
  "outlook.com": 300
}

3. Purchase Emails 3. Покупка почтовых аккаунтов

Buy email accounts using a user's key.

GET https://ss-mail.org/buy?mail_domain=DOMAIN&quantity=NUMBER&apikey=USER_KEY&format=FORMAT&type=ACCOUNT_TYPE

  • mail_domain: Specify the domain (hotmail or outlook).
  • quantity: Number of accounts to purchase.
  • apikey: User's key for authentication. The key you received after purchase.
  • format: Format of the response (1, 2, 3, 4, or 5).
  • type (optional): Account type. Use longlive to purchase long-live accounts. If omitted, a regular (short-live) account will be purchased.
Example Request: https://ss-mail.org/buy?mail_domain=hotmail&quantity=1&apikey=HLKfsnGmPoXJPecYtNXu8DAehGDzkiGoxJc7rw6Z&format=1
Response Formats:
  • 1: JSON format (default).
  • 2: email:password:refresh_token:client_id.
  • 3: email:password.
  • 4: email:password:graph_refresh_token:client_id.
  • 5: email:password:refresh_token:graph_refresh_token:client_id.
Example Response (Format 1): 
[
  {
    "email": "[email protected]",
    "password": "password",
    "refresh_token": "refreshtoken",
    "access_token": "accesstoken",
    "graph_refresh_token": "graphrefreshtoken",
    "graph_access_token": "graphaccesstoken",
    "client_id": "clientid"
  }
]
Example Response (Format 2): 
[email protected]:password:refreshtoken:clientid
Example Response (Format 3): 
[email protected]:password
Example Response (Format 4): 
[email protected]:password:graphrefreshtoken:clientid
Example Response (Format 5): 
[email protected]:password:refreshtoken:graphrefreshtoken:clientid

4. Retrieve User Orders 4. Просмотр заказов

Return all purchased emails linked to the user's key. Orders are stored on the server for 10–20 days.

GET https://ss-mail.org/orders?apikey=USER_KEY

  • apikey: Your API key received after purchase.
Example Request: https://ss-mail.org/orders?apikey=HLKfsnGmPoXJPecYtNXu8DAehGDzkiGoxJc7rw6Z
Example Response: 
[
  {
    "email": "[email protected]",
    "password": "password",
    "refresh_token": "refreshtoken",
    "access_token": "accesstoken",
    "graph_refresh_token": "graphrefreshtoken",
    "graph_access_token": "graphaccesstoken",
    "client_id": "clientid"
  }
]

5. Combine Keys 5. Объединение ключей

Transfer balance from one API key to another. The source key will be deleted after transfer.

GET https://ss-mail.org/combine_keys?apikey=MAIN_KEY&from_key=SOURCE_KEY

  • apikey: Target key that will receive the balance.
  • from_key: Source key whose balance will be transferred (will be deleted after operation).
Example Request: https://ss-mail.org/combine_keys?apikey=aBcDeFgHiJkLmNoPqRsTuVwXyZ0123456789&from_key=HLKfsnGmPoXJPecYtNXu8DAehGDzkiGoxJc7rw6Z
Example Response: 
{
  "message": "Balance successfully merged to apikey",
  "apikey": "aBcDeFgHiJkLmNoPqRsTuVwXyZ0123456789",
  "added_balance": 25,
  "new_balance": 75,
  "removed_key": "HLKfsnGmPoXJPecYtNXu8DAehGDzkiGoxJc7rw6Z"
}

How to Purchase an Email Как купить почту

Step-by-Step Guide

Follow these simple steps to purchase an email account:

  1. Open your browser's search bar.
  2. Paste API requests from the documentation into the search bar to check your balance, check available email stock or purchase an email account.
  3. Replace USER_KEY with your actual API key.

Video Tutorial

Watch the video below for a detailed guide on how to purchase an email:

Important Information Важная информация

📭 Why are there sometimes no emails in stock?

Microsoft actively combats mass automated account registration. This leads to periods when registration is virtually impossible for everyone, which can cause a temporary shortage of available emails.

  • This is a global issue affecting all registration services, not a problem with our software or proxies. Even manual registration attempts often fail during these times.
  • Our software works 24/7, relentlessly attempting registrations. As soon as Microsoft lifts the restrictions, accounts immediately begin to appear for sale again. Typically, we maintain 5K–20K emails in stock.

How to buy emails during a shortage?

The web tool on this page is a simplified alternative and has speed limits, making it difficult to "catch" emails when stock is low. Many buyers use custom scripts that instantly grab newly available accounts.

We strongly recommend using the API (documentation and video instructions are below) or the autobuy feature in our Telegram Bot. To successfully purchase, continuously send API requests until you receive an email (API limit is 10 requests per second from one IP).

We are doing our utmost to ensure a sufficient supply for all buyers. Thank you for your patience!

⏰ 24/7 Registration and Updates

We register and add emails around the clock. If the required accounts are not currently available, try sending a request or refreshing the browser page several times. If emails are not available for some time, it may be due to temporary software issues. Our team actively monitors the process and does everything possible to resolve issues as quickly as possible.

⌛️ Account Lifespan

Please note that short-live accounts are active for 1 to 6 hours. After this time, a phone number verification request may appear. We recommend using the accounts immediately after purchase.

If you need trusted accounts, pay attention to long-lived emails that have been active for at least 5-12 months or more.

💼 Replacement Guarantee

If an account turns out to be non-functional, we provide a guarantee for its replacement within 30 minutes of purchase.

🛡 What are Access Token, Refresh Token, and Client ID, and how to use OAuth2 for IMAP?

OAuth2 is a new way to connect to Microsoft email. To understand how these tokens work together and how to connect to email via IMAP using OAuth2, we have prepared a detailed article for you. In it, you will find simple explanations and practical examples in Python and JavaScript.

OAuth2 Documentation for IMAP & Graph API Документация OAuth2 для IMAP и Graph API

💡 All You Need to Know About Microsoft OAuth2

In 2024, Microsoft made OAuth2 authorization mandatory for working with email accounts via the IMAP protocol. This means you need to use tokens instead of a simple login and password. This guide will show you how to connect via the traditional IMAP protocol and the modern Microsoft Graph API.

📌 Key Terms You Should Know

  • Access Token: A temporary key that allows your app to work with your email account on your behalf. Typically valid for 1 hour, after which it needs to be refreshed.
  • Refresh Token: A token used to get a new Access Token when the current one expires. Long-lived and doesn't need to be updated frequently.
  • Client ID: A unique identifier for your app, provided by Microsoft when you register it. It identifies your app in the OAuth2 system.

🛠️ Connecting to IMAP with Access Token

This is the classic method for connecting to a mailbox. You will need:

  • Access Token (temporary access key)
  • Email Address

⚙️ Example: How to connect using Python:

import imaplib

# Connection details
email = "[email protected]"
access_token = "your_access_token"
imap_host = "outlook.office365.com"

# Establish connection
mail = imaplib.IMAP4_SSL(imap_host)
auth_string = f"user={email}\x01auth=Bearer {access_token}\x01\x01"
mail.authenticate("XOAUTH2", lambda x: auth_string)

# Access the inbox
mail.select("inbox")
status, messages = mail.search(None, "ALL")
print("Messages:", messages)

⚙️ Example: How to connect using JavaScript (Node.js):

const { ImapFlow } = require('imapflow');

async function connectToMailbox() {
    const client = new ImapFlow({
        host: 'outlook.office365.com',
        port: 993,
        secure: true,
        auth: {
            user: '[email protected]',
            accessToken: 'your_access_token'
        }
    });

    await client.connect();
    console.log('Connected to the mailbox!');
}

🔄 Refreshing Access Token with Refresh Token

When an Access Token expires (usually after 1 hour), you need to get a new one. For this you will need:

  • Refresh Token
  • Client ID

📎 Example: How to refresh token using Python:

import requests

# Request data
url = "https://login.live.com/oauth20_token.srf"
payload = {
    "client_id": "<your_client_id>",
    "grant_type": "refresh_token",
    "refresh_token": "<your_refresh_token>"
}

# Send POST request
response = requests.post(url, data=payload)

# Check the result
if response.status_code == 200:
    print("New Access Token:", response.json()["access_token"])
else:
    print("Error:", response.json())

📎 Example: How to refresh token using JavaScript (Node.js):

const fetch = require('node-fetch'); // or use native fetch

const url = "https://login.live.com/oauth20_token.srf";
const payload = new URLSearchParams({
    client_id: "<your_client_id>",
    grant_type: "refresh_token",
    refresh_token: "<your_refresh_token>"
});

fetch(url, {
    method: "POST",
    headers: { "Content-Type": "application/x-www-form-urlencoded" },
    body: payload
})
.then(response => response.json())
.then(data => {
    if (data.access_token) {
        console.log("New Access Token:", data.access_token);
    } else {
        console.error("Error:", data);
    }
})
.catch(error => console.error("Request Error:", error));

🔒 Alternative: Connecting via Microsoft Graph API

If you are experiencing issues with IMAP, Microsoft Graph API is a more modern and reliable alternative for accessing mailboxes. It uses the same OAuth2 tokens but communicates through a different endpoint and requires a different scope. Not all of our mails support this method, but you can contact support for details. To connect, you will need:

  • Graph Refresh Token
  • Client ID

⚙️ Example: How to connect via Graph API using Python:

import requests

# Authorization data
client_id = "<your_client_id>"
refresh_token = "<your_refresh_token>"

# 1. Get a new access_token with the correct scope
url_token = "https://login.microsoftonline.com/common/oauth2/v2.0/token"
payload = {
    "client_id": client_id,
    "grant_type": "refresh_token",
    "refresh_token": refresh_token,
    "scope": "https://graph.microsoft.com/.default"
}
res = requests.post(url_token, data=payload)
access_token = res.json().get("access_token")

if not access_token:
    print("Error getting token:", res.json())
    exit()

# 2. Connect to email via Microsoft Graph
url_mail = "https://graph.microsoft.com/v1.0/me/mailFolders/inbox/messages"
headers = {"Authorization": f"Bearer {access_token}"}
res = requests.get(url_mail, headers=headers)

# 3. Print results
if res.status_code == 200:
    messages = res.json().get("value", [])
    if messages:
        for msg in messages[:3]:  # show first 3 emails
            subject = msg.get("subject")
            sender = msg.get("from", {}).get("emailAddress", {}).get("address")
            body = msg.get("body", {}).get("content", "")
               
            print(f"Subject: {subject}")
            print(f"From: {sender}")
            print(f"Body:\n{body.strip()[:500]}")  # limit body output to 500 chars
            print("-" * 60)
    else:
        print("No emails found.")
else:
    print("Error fetching mail:", res.json())

⚙️ Example: How to connect via Graph API using JavaScript (Node.js)

async function getGraphEmails(refreshToken, clientId) {
    try {
        // 1. Get Access Token
        const tokenUrl = "https://login.microsoftonline.com/common/oauth2/v2.0/token";
        const tokenPayload = new URLSearchParams({
            client_id: clientId,
            grant_type: "refresh_token",
            refresh_token: refreshToken,
            scope: "https://graph.microsoft.com/.default"
        });

        const tokenRes = await fetch(tokenUrl, {
            method: "POST",
            body: tokenPayload
        });
        const tokenData = await tokenRes.json();
        if (!tokenRes.ok) throw new Error(tokenData.error_description);
        
        // 2. Get emails
        const mailUrl = "https://graph.microsoft.com/v1.0/me/mailFolders/inbox/messages";
        const mailRes = await fetch(mailUrl, {
            headers: { "Authorization": `Bearer ${tokenData.access_token}` }
        });
        const mailData = await mailRes.json();
        if (!mailRes.ok) throw new Error(mailData.error.message);

        console.log("Found messages:", mailData.value.length);
        
    } catch (error) {
        console.error("Graph API Error:", error.message);
    }
}

getGraphEmails("<your_refresh_token>", "<your_client_id>");