AI Agents

Give your AI agent disposable email addresses. Create inboxes, receive mail, extract verification codes — through MCP or the REST API.

MCP Server

The fastest way to give your agent email capabilities. Add the Blip MCP server to any compatible client — Claude Desktop, Cursor, VS Code, Windsurf, or anything that supports the Model Context Protocol.

Claude Desktop / Cursor / VS Code

{

"mcpServers": {

"blip": {

"command": "npx",

"args": ["-y", "@useblip/email"],

"env": {

"BLIP_API_KEY": "blip_ak_..."

}

Config file locations: Claude Desktop ~/Library/Application Support/Claude/claude_desktop_config.json, Cursor .cursor/mcp.json, VS Code .vscode/mcp.json

Available Tools

The MCP server exposes the following tools. Your agent can call them directly — no boilerplate needed.

create_inbox

Create a new disposable email address. Returns the address and inbox ID.

Params: slug? domain? windowMinutes?

list_inboxes

List all active inboxes with email counts and expiry times.

get_inbox

Get inbox details and list of received emails.

Params: inboxId

read_email

Read the full content of a specific email including body and attachments.

Params: emailId

extract_codes

Extract OTP codes and verification links from the latest email in an inbox.

Params: inboxId

wait_for_email

Poll an inbox until a new email arrives. Returns the email when received.

Params: inboxId timeoutSeconds?

delete_inbox

Delete an inbox and all its emails. Optional — inboxes auto-expire.

Params: inboxId

Example Prompts

Once configured, just ask your agent in natural language:

"Create a throwaway email, sign up for Acme Corp, and give me the verification code."

"I need to test our signup flow. Create an inbox, register a new account on staging, and confirm the email works."

"Watch the inbox bold-oak-77@bl1p.dev for a password reset email and extract the reset link."

Authentication

Both MCP and REST API use the same API key. Create one from the dashboard or via the API:

curl -X POST https://api.useblip.email/v1/api-keys \

-H "Authorization: Bearer {session_token}" \

-H "Content-Type: application/json" \

-d '{"name": "my-agent"}'

{"key": "blip_ak_abc123...", "apiKey": {...}}

Requires an AGENT subscription. Save the key — it's only shown once.

REST API

If your agent framework doesn't support MCP, use the REST API directly. The typical flow: create inbox → use address → poll or extract → clean up.

1. Create a disposable inbox

POST /v1/inboxes

Authorization: Bearer blip_ak_...

Response:

{"inbox": {"id": "inbox-abc", "address": "bold-oak-77@bl1p.dev", "expiresAt": "..."}}

2. Extract the OTP or verification link

GET /v1/inboxes/inbox-abc/extract

Authorization: Bearer blip_ak_...

Response:

{"otps": ["847293"], "links": ["https://example.com/verify?token=xyz"]}

Poll until the email arrives — extraction is instant once it's there.

3. Clean up (optional)

DELETE /v1/inboxes/inbox-abc

Inboxes auto-expire based on TTL — default 1 hour, up to 90 days.

Polling vs Webhooks

Polling

Simple — just check the inbox on an interval.

GET /v1/inboxes/{id}/extract

// Repeat every 2 seconds until OTP appears

Webhooks

Push-based — get notified when email arrives.

POST /v1/webhooks

{"url": "https://...", "inboxId": "..."}

The MCP server's wait_for_email tool handles polling automatically.

Limits

Limit	AGENT tier
Max inboxes	Unlimited
Default TTL	1 hour
Max TTL	90 days
Email retention	24 hours
API rate limit	600 reads/min, 60 writes/min
Custom slugs	Yes

Complete Example

End-to-end flow: create an inbox, use it to sign up, poll for the verification email, and extract the OTP.

Python

import requests, time

API = "https://api.useblip.email/v1"

HEADERS = {"Authorization": "Bearer blip_ak_..."}

# 1. Create a disposable inbox

inbox = requests.post(f"{API}/inboxes", headers=HEADERS).json()["inbox"]

address = inbox["address"]

inbox_id = inbox["id"]

# 2. Use the address to sign up on an external service

requests.post("https://example.com/signup", json={"email": address})

# 3. Poll for the OTP

for _ in range(30):

resp = requests.get(f"{API}/inboxes/{inbox_id}/extract", headers=HEADERS).json()

if resp.get("otps"):

print("OTP:", resp["otps"][0])

break

time.sleep(2)

# 4. Clean up (optional — auto-expires)

requests.delete(f"{API}/inboxes/{inbox_id}", headers=HEADERS)

TypeScript

const API = "https://api.useblip.email/v1";

const headers = { Authorization: "Bearer blip_ak_..." };

// 1. Create a disposable inbox

const { inbox } = await fetch(`${API}/inboxes`, {

method: "POST", headers,

}).then(r => r.json());

// 2. Use the address to sign up on an external service

await fetch("https://example.com/signup", {

method: "POST",

headers: { "Content-Type": "application/json" },

body: JSON.stringify({ email: inbox.address }),

});

// 3. Poll for the OTP

let otp: string | undefined;

for (let i = 0; i < 30; i++) {

const data = await fetch(`${API}/inboxes/${inbox.id}/extract`, { headers })

.then(r => r.json());

if (data.otps?.length) { otp = data.otps[0]; break; }

await new Promise(r => setTimeout(r, 2000));

}

console.log("OTP:", otp);

// 4. Clean up (optional)

await fetch(`${API}/inboxes/${inbox.id}`, { method: "DELETE", headers });

Security

API keys are scoped to your account — agents can only access inboxes they create.
Email content is encrypted at rest with per-inbox AES-256-GCM keys.
Inboxes and emails are automatically deleted after TTL expiry.
Use environment variables for API keys — never hardcode them in agent configs that get committed to source control.

AGENT is stackable with PRO — subscribe to both for agent automation plus long-lived personal inboxes, replies, and forwarding.