Skip to main content
Use a local workflow that exercises the real API without exposing secrets or surprising real recipients.

Environment variables

Store credentials outside source control: 
MAILCHANNELS_API_KEY=xxx
Add .env to .gitignore and commit a .env.example with placeholder values only.

Test sending

Start with one recipient you control. Use a subject prefix such as [dev] or [staging] so test mail is easy to identify. Before sending a new template, use the dry-run option to render the message without sending it.

Local webhook testing

During development:
  1. Run your webhook receiver locally.
  2. Expose it through a temporary HTTPS tunnel.
  3. Register the tunnel URL as your webhook endpoint.
  4. Run webhook validation.
  5. Store the raw test event and verify signature validation before adding business logic.

Avoid common mistakes

  • Do not put API keys in browser JavaScript.
  • Do not commit .env files, webhook signing keys, or private DKIM keys.
  • Do not test with large recipient lists.
  • Do not use production customer addresses for template experiments.
  • Do not assume a successful API response means inbox placement. Use webhooks and mailbox checks.