APIVerve
APIVerveDocumentation
Ctrl+K
apiverve

DMARC ValidatorDMARC Validator API

OnlineCredit Usage:5 per callLive Data
avg: 580ms|p50: 542ms|p75: 606ms|p90: 682ms|p99: 835ms

Overview

To use DMARC Validator, you need an API key. You can get one by creating a free account and visiting your dashboard.

GET Endpoint

URL
https://api.apiverve.com/v1/dmarcvalidator

Example

How to call the DMARC Validator API in different programming languages.

cURL Request
curl -X GET \
  "https://api.apiverve.com/v1/dmarcvalidator?domain=paypal.com" \
  -H "X-API-Key: your_api_key_here"
JavaScript (Fetch API)
const response = await fetch('https://api.apiverve.com/v1/dmarcvalidator?domain=paypal.com', {
  method: 'GET',
  headers: {
    'X-API-Key': 'your_api_key_here',
    'Content-Type': 'application/json'
  }
});

const data = await response.json();
console.log(data);
Python (Requests)
import requests

headers = {
    'X-API-Key': 'your_api_key_here',
    'Content-Type': 'application/json'
}

response = requests.get('https://api.apiverve.com/v1/dmarcvalidator?domain=paypal.com', headers=headers)

data = response.json()
print(data)
Go (net/http)
package main

import (
    "fmt"
    "io"
    "net/http"

)

func main() {
    req, _ := http.NewRequest("GET", "https://api.apiverve.com/v1/dmarcvalidator?domain=paypal.com", nil)

    req.Header.Set("X-API-Key", "your_api_key_here")
    req.Header.Set("Content-Type", "application/json")

    client := &http.Client{}
    resp, err := client.Do(req)
    if err != nil {
        panic(err)
    }
    defer resp.Body.Close()

    body, _ := io.ReadAll(resp.Body)
    fmt.Println(string(body))
}
Example Response
{
  "status": "ok",
  "error": null,
  "data": {
    "host": "paypal.com",
    "dmarcHost": "_dmarc.paypal.com",
    "hasDmarc": true,
    "dmarc_record": "v=DMARC1; p=reject; rua=mailto:[email protected]; ruf=mailto:[email protected]",
    "rua": {
      "email": "[email protected]",
      "domain": "rua.agari.com",
      "valid": true
    },
    "ruf": {
      "email": "[email protected]",
      "domain": "ruf.agari.com",
      "valid": true
    },
    "v": "DMARC1",
    "p": "reject",
    "valid": true
  }
}

Authentication

The DMARC Validator API requires authentication via API key. Include your API key in the request header:

Required Header
X-API-Key: your_api_key_here

Learn more about authentication →

Interactive API Playground

Test the DMARC Validator API directly in your browser with live requests and responses.

Live Test DMARC Validator APITry it free with instant results - no signup required

Parameters

The following parameters are available for the DMARC Validator API:

Validate DMARC Record

ParameterTypeRequiredDescriptionDefaultExample
domainstringrequired
The domain to validate the DMARC record for
Format: domain (e.g., paypal.com)
-paypal.com

Response

The DMARC Validator API returns responses in JSON, XML, YAML, and CSV formats. The JSON response is shown in the Example section above; alternative formats below.

Other Response Formats

XML Response
200 OK
<?xml version="1.0" encoding="UTF-8"?>
<response>
  <status>ok</status>
  <error xsi:nil="true" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
  <data>
    <host>paypal.com</host>
    <dmarcHost>_dmarc.paypal.com</dmarcHost>
    <hasDmarc>true</hasDmarc>
    <dmarc_record>v=DMARC1; p=reject; rua=mailto:[email protected]; ruf=mailto:[email protected]</dmarc_record>
    <rua>
      <email>[email protected]</email>
      <domain>rua.agari.com</domain>
      <valid>true</valid>
    </rua>
    <ruf>
      <email>[email protected]</email>
      <domain>ruf.agari.com</domain>
      <valid>true</valid>
    </ruf>
    <v>DMARC1</v>
    <p>reject</p>
    <valid>true</valid>
  </data>
</response>
YAML Response
200 OK
status: ok
error: null
data:
  host: paypal.com
  dmarcHost: _dmarc.paypal.com
  hasDmarc: true
  dmarc_record: v=DMARC1; p=reject; rua=mailto:[email protected]; ruf=mailto:[email protected]
  rua:
    email: [email protected]
    domain: rua.agari.com
    valid: true
  ruf:
    email: [email protected]
    domain: ruf.agari.com
    valid: true
  v: DMARC1
  p: reject
  valid: true
CSV Response
200 OK
keyvalue
hostpaypal.com
dmarcHost_dmarc.paypal.com
hasDmarctrue
dmarc_recordv=DMARC1; p=reject; rua=mailto:[email protected]; ruf=mailto:[email protected]
rua{email:[email protected],domain:rua.agari.com,valid:true}
ruf{email:[email protected],domain:ruf.agari.com,valid:true}
vDMARC1
preject
validtrue

Response Structure

All API responses follow a consistent structure with the following fields:

FieldTypeDescriptionExample
statusstringIndicates whether the request was successful ("ok") or failed ("error")ok
errorstring | nullContains error message if status is "error", otherwise nullnull
dataobject | nullContains the API response data if successful, otherwise null{...}

Learn more about response formats →

Response Data Fields

When the request is successful, the data object contains the following fields:

Response fields marked with Premium are available exclusively on paid plans.View pricing
FieldTypeSample ValueDescription
hoststring"paypal.com"
The domain name that was validated
dmarcHoststring"_dmarc.paypal.com"
The DMARC DNS record hostname for the domain
hasDmarcbooleantrue
Indicates whether a DMARC record exists for domain
dmarc_recordstring"v=DMARC1; p=reject; rua=mailto:[email protected]; ruf=mailto:[email protected]"
The complete DMARC record string from DNS
ruaobject{...}
-
â”” emailPremiumstring"[email protected]"
Email address for aggregate report delivery
â”” domainstring"rua.agari.com"
Domain name extracted from aggregate report email
â”” validPremiumbooleantrue
Indicates if aggregate report email is valid
rufobject{...}
-
â”” emailPremiumstring"[email protected]"
Email address for forensic report delivery
â”” domainstring"ruf.agari.com"
Domain name extracted from forensic report email
â”” validPremiumbooleantrue
Indicates if forensic report email is valid
vstring"DMARC1"
DMARC protocol version from record
pstring"reject"
DMARC policy for domain (reject, quarantine, none)
validbooleantrue
Overall validation status of DMARC record

Headers

Only X-API-Key is required. Optional headers include Accept for response format negotiation (JSON, XML, or YAML), User-Agent, and X-Request-ID for request tracing. See all request headers →

GraphQL AccessALPHA

Access DMARC Validator through GraphQL to combine it with other API calls in a single request. Query only the dmarc validator data you need with precise field selection, and orchestrate complex data fetching workflows.

Test DMARC Validator in the GraphQL Explorer to confirm availability and experiment with queries.

Credit Cost: Each API called in your GraphQL query consumes its standard credit cost.

GraphQL Endpoint
POST https://api.apiverve.com/v1/graphql
GraphQL Query Example
query {
  dmarcvalidator(
    input: {
      domain: "paypal.com"
    }
  ) {
    host
    dmarcHost
    hasDmarc
    dmarc_record
    rua {
      email
      domain
      valid
    }
    ruf {
      email
      domain
      valid
    }
    v
    p
    valid
  }
}

Note: Authentication is handled via the x-api-key header in your GraphQL request, not as a query parameter.

CORS Support

The DMARC Validator API accepts cross-origin requests from any origin, so it can be called directly from browser-based applications without a proxy. See CORS support →

Rate Limiting

DMARC Validator requests are throttled per minute on the Free plan and unthrottled on paid plans. Exceeding the limit returns 429 Too Many Requests; rate-limit usage is reported in the X-RateLimit-Limit, X-RateLimit-Remaining, and X-RateLimit-Reset response headers. See per-plan limits and best practices →

Error Codes

The DMARC Validator API uses standard HTTP status codes — 200 on success, 400 for invalid parameters, 401 for missing or invalid keys, 403 for insufficient credits, 429 for rate-limit exhaustion, and 500/503 for server-side issues. Each error response includes an X-Request-ID header you can quote when contacting support. See full error handling guide →

SDKs for DMARC Validator

Official DMARC Validator packages on npm, PyPI, NuGet, and JitPack — plus a Postman collection and an OpenAPI spec. See the SDK guide →

NPMPyPINuGetSwaggerJitPackJitPack

No-Code Integrations

DMARC Validator works with Zapier, Make, Pipedream, n8n, and Power Automate using the same API key. See setup guides →

Zapier
Zapier
Make
Make
Pipedream
Pipedream
n8n
n8n
Power Automate
Power Automate

Frequently Asked Questions

How do I get an API key for DMARC Validator?
Sign up for a free account at dashboard.apiverve.com. Your API key will be automatically generated and available in your dashboard. The same key works for DMARC Validator and all other APIVerve APIs. The free plan includes 1,000 credits plus a 500 credit bonus.
How many credits does DMARC Validator cost?

Each successful DMARC Validator API call consumes credits based on plan tier. Check the pricing section above for the exact credit cost. Failed requests and errors don't consume credits, so you only pay for successful dmarc validator lookups.

Can I use DMARC Validator in production?

The free plan is for testing and development only. For production use of DMARC Validator, upgrade to a paid plan (Starter, Pro, or Mega) which includes commercial use rights, no attribution requirements, and guaranteed uptime SLAs. All paid plans are production-ready.

Can I use DMARC Validator from a browser?
Yes! The DMARC Validator API supports CORS with wildcard configuration, so you can call it directly from browser-based JavaScript without needing a proxy server. See the CORS section above for details.
What happens if I exceed my DMARC Validator credit limit?

When you reach your monthly credit limit, DMARC Validator API requests will return an error until you upgrade your plan or wait for the next billing cycle. You'll receive notifications at 80% and 95% usage to give you time to upgrade if needed.

What's Next?

Continue your journey with these recommended resources

Browse All APIs

Explore our complete catalog of APIs

Authentication Guide

Learn about API keys and security

Rate Limits

Understand usage limits and best practices

Was this page helpful?