ValidOrNah - Is That Email Real Or Nah?

Get Started in 3 Steps

Easier than making instant noodles. Almost.

const response = await fetch('https://api.validornah.com/v1/verify', {
  method: 'POST',
  headers: {
    'Authorization': `Bearer ${process.env.VALIDORNAH_API_KEY}`,
    'Content-Type': 'application/json',
  },
  body: JSON.stringify({ email: 'test@example.com' }),
});

const result = await response.json();
console.log(result.status); // 'valid' | 'invalid' | 'risky'

Authentication

All requests need your secret handshake (Bearer token).

Slap your API key in the Authorization header:

Authorization: Bearer YOUR_API_KEY

Endpoints

Base URL: https://api.validornah.com

Single Email Check

One email at a time. The slow and steady approach.

const response = await fetch('https://api.validornah.com/v1/verify', {
  method: 'POST',
  headers: {
    'Authorization': `Bearer ${apiKey}`,
    'Content-Type': 'application/json',
  },
  body: JSON.stringify({ email: 'john@company.com' }),
});

const result = await response.json();

Bulk Email Check

Got a list? Throw it at us. We can handle it.

const emails = ['john@company.com', 'jane@startup.io', 'test@tempmail.com'];

const response = await fetch('https://api.validornah.com/v1/verify/bulk', {
  method: 'POST',
  headers: {
    'Authorization': `Bearer ${apiKey}`,
    'Content-Type': 'application/json',
  },
  body: JSON.stringify({ emails }),
});

const { results, summary } = await response.json();

Response Format

What our API tells you (and what it means)

Status Codes

valid

All good - email exists and works

invalid

Nope - this email is going nowhere

risky

Hmm - might work, might not. Proceed with caution.

unknown

Shrug - we couldn't figure it out

What We Check

Basic Checks

syntax

Is it even formatted like an email?

dns

Does the domain exist? MX records lookup.

disposable

Is it a burner email? We check 100k+ disposable domains.

role

Is it a generic address (info@, admin@)?

freeProvider

Gmail, Yahoo, Hotmail crowd

Deep Analysis

typo

Catches common typos (gmial.com -> gmail.com)

security

SPF, DKIM, DMARC security records check

domainAge

How old is this domain? New = suspicious.

blacklist

Is the domain on any DNSBL blacklists?

pattern

Does the email pattern look legit or sketchy?

profile

Gravatar, website existence checks

mxQuality

MX provider quality (Google, Microsoft, etc.)

Rate Limits

How fast you can go (depends on your plan)

Plan	Requests/min	Burst
Starter	60/min	5,000/month
Pro	120/min	25,000/month
Business	300/min	150,000/month
Enterprise	Custom	Custom

Error Codes

When things go wrong (and what it means)

Code	What happened
400	You sent us garbage (check your params)
401	Who are you? (invalid API key)
403	Nice try, but no access
429	Slow down there, speed racer (rate limited)
500	Our bad. Something broke on our end.

1. Grab Your API Key

Join the Party

API Documentation