Email Deliverability & Fraud Validation

Credits: 1 per call.

Validates an email address for deliverability and risk. Returns the normalized address, deliverability verdict (deliverable, risky, undeliverable), a quality score (0–100), a toxicity score, and a set of boolean verdicts (isFree, isDisposable, isRoleAccount, isFull, isCatchAll, isToxic).

Use this endpoint at signup time to reject typos and disposable addresses before they enter your database, reducing bounce rates on transactional email and fraud signals from throwaway accounts.

riskLevel reference — standardized scoring you can branch on:

Level	When
`NONE`	Mailbox is deliverable and not flagged as disposable or toxic.
`MEDIUM`	Domain is catch-all — accepts every address, so the specific mailbox cannot be confirmed to exist.
`HIGH`	Deliverability is `risky` or `unknown` (e.g. mail server rejects probes), OR the domain belongs to a disposable / temporary email provider (Mailinator, 10minutemail, Guerrillamail, etc.).
`CRITICAL`	Mailbox is `undeliverable` (does not exist or is full), OR the address scores above 40 on the toxicity index (associated with spam / abuse).

The verdicts object always carries the underlying signals (isFree, isDisposable, isRoleAccount, isFull, isCatchAll, isToxic) so you can apply your own scoring on top if you need finer granularity.

cURL

curl -X POST https://api.origoid.com/global/email/v1/email-validations \
  -H "x-api-key: YOUR_API_KEY" \
  -H "content-type: application/json" \
  -d '{"email": "user@example.com"}'

{
  "status": "OK",
  "type": "SUCCESS",
  "message": "Email is valid and active",
  "data": {
    "email": "user@example.com",
    "deliverability": "deliverable",
    "riskLevel": "NONE",
    "score": 100,
    "toxicityScore": 0,
    "verdicts": {
      "isFree": false,
      "isDisposable": false,
      "isRoleAccount": false,
      "isFull": false,
      "isCatchAll": false,
      "isToxic": false
    },
    "infrastructure": {
      "domain": "origoid.com",
      "provider": "amazon.com",
      "mxRecord": "inbound-smtp.mx-central-2.amazonaws.com."
    }
  },
  "transactionId": "550e8400-e29b-41d4-a716-446655440000",
  "processedAt": "2026-03-07T14:23:00-06:00",
  "billable": true
}

Authorizations

x-api-key

string

header

required

Body

application/json

string

required

The email address to be validated.

Example:

"user@example.com"

Response

Validation results (Strict Envelope Pattern).

status

enum<string>

required

High-level outcome. OK means the request was successfully processed (regardless of business result). ERROR means the request was rejected or could not be processed.

Available options:

OK,

ERROR

type

string

required

Stable result type code. Includes generic codes (SUCCESS, INVALID_REQUEST, UNAUTHORIZED, SERVICE_UNAVAILABLE, INTERNAL_ERROR, RATE_LIMIT_EXCEEDED) plus endpoint-specific result codes — see this endpoint's response examples.

message

string

required

Human-readable summary of the result. Always in English (per Language Conventions in the API overview).

transactionId

string<uuid>

required

Unique identifier of this request, generated by the API Gateway. Propagated end-to-end for traceability.

processedAt

string<date-time>

required

ISO 8601 datetime with Mexico City offset (-06:00). Always set by the API Gateway when the response leaves the system.

billable

boolean

required

Whether this request will be charged against the client's plan. Typically true for successful business results and false for validation errors or system errors that prevented processing.

data

object

Response payload. null on error responses. Shape depends on the endpoint — see each operation's response schema.

errors

object[]

Per-field error details. Present only on INVALID_REQUEST responses.

Show child attributes

Universal Extraction (Proof of Address)**Credits:** 1 per call. Performs OCR on a Mexican proof-of-address document — utility bills (water, electricity, gas, internet, telephone) and bank statements — and returns the structured data printed on it. Returns: - **`provider`**: the issuing utility or institution (CFE, Telmex, Agua, etc.), so you can apply provider-specific business rules and recognize legitimate document layouts. - **`personalInfo`**: holder name as printed on the document. - **`address`**: full address as printed (street, exterior / interior number, neighborhood, municipality, state, postal code). - **`billing`**: issuance date, account number, period covered. - **`validations`**: flags about document age, document type detection confidence, and structural consistency checks. Use this endpoint to automate address verification in KYC flows. The extracted address can be cross-checked against the address your customer submitted at signup.

cURL

curl -X POST https://api.origoid.com/global/email/v1/email-validations \
  -H "x-api-key: YOUR_API_KEY" \
  -H "content-type: application/json" \
  -d '{"email": "user@example.com"}'

{
  "status": "OK",
  "type": "SUCCESS",
  "message": "Email is valid and active",
  "data": {
    "email": "user@example.com",
    "deliverability": "deliverable",
    "riskLevel": "NONE",
    "score": 100,
    "toxicityScore": 0,
    "verdicts": {
      "isFree": false,
      "isDisposable": false,
      "isRoleAccount": false,
      "isFull": false,
      "isCatchAll": false,
      "isToxic": false
    },
    "infrastructure": {
      "domain": "origoid.com",
      "provider": "amazon.com",
      "mxRecord": "inbound-smtp.mx-central-2.amazonaws.com."
    }
  },
  "transactionId": "550e8400-e29b-41d4-a716-446655440000",
  "processedAt": "2026-03-07T14:23:00-06:00",
  "billable": true
}