Create a ban

curl -X POST "https://mail.haltman.io/api/admin/bans" \
  -H "Content-Type: application/json" \
  -H "X-CSRF-Token: YOUR_API_KEY" \
  -d '{
  "ban_type": "email",
  "ban_value": "example_string",
  "reason": "example_string",
  "expires_at": "2024-12-25T10:00:00Z",
  "disable_matching_aliases": true
}'

import requests
import json

url = "https://mail.haltman.io/api/admin/bans"
headers = {
  "Content-Type": "application/json",
  "X-CSRF-Token": "YOUR_API_KEY"
}
data = {
  "ban_type": "email",
  "ban_value": "example_string",
  "reason": "example_string",
  "expires_at": "2024-12-25T10:00:00Z",
  "disable_matching_aliases": true
}

response = requests.post(url, headers=headers, json=data)
print(response.json())

const response = await fetch("https://mail.haltman.io/api/admin/bans", {
  method: "POST",
  headers: {
  "Content-Type": "application/json",
  "X-CSRF-Token": "YOUR_API_KEY"
},
  body: JSON.stringify({
  "ban_type": "email",
  "ban_value": "example_string",
  "reason": "example_string",
  "expires_at": "2024-12-25T10:00:00Z",
  "disable_matching_aliases": true
})
});

const data = await response.json();
console.log(data);

package main

import (
    "fmt"
    "net/http"
    "bytes"
    "encoding/json"
)

func main() {
    data := []byte(`{
  "ban_type": "email",
  "ban_value": "example_string",
  "reason": "example_string",
  "expires_at": "2024-12-25T10:00:00Z",
  "disable_matching_aliases": true
}`)

    req, err := http.NewRequest("POST", "https://mail.haltman.io/api/admin/bans", bytes.NewBuffer(data))
    if err != nil {
        panic(err)
    }

    req.Header.Set("Content-Type", "application/json")
    req.Header.Set("X-CSRF-Token", "YOUR_API_KEY")

    client := &http.Client{}
    resp, err := client.Do(req)
    if err != nil {
        panic(err)
    }
    defer resp.Body.Close()

    fmt.Println("Response Status:", resp.Status)
}

require 'net/http'
require 'json'

uri = URI('https://mail.haltman.io/api/admin/bans')
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true

request = Net::HTTP::Post.new(uri)
request['Content-Type'] = 'application/json'
request['X-CSRF-Token'] = 'YOUR_API_KEY'
request.body = '{
  "ban_type": "email",
  "ban_value": "example_string",
  "reason": "example_string",
  "expires_at": "2024-12-25T10:00:00Z",
  "disable_matching_aliases": true
}'

response = http.request(request)
puts response.body

{
  "ok": true,
  "created": true,
  "updated": true,
  "deleted": true,
  "disabled_aliases": 42,
  "message": "example_string",
  "item": {
    "id": 123,
    "ban_type": "email",
    "ban_value": "example_string",
    "reason": "example_string",
    "created_at": "2024-12-25T10:00:00Z",
    "expires_at": "2024-12-25T10:00:00Z",
    "revoked_at": "2024-12-25T10:00:00Z",
    "revoked_reason": "example_string",
    "active": true
  }
}

POST

/api/admin/bans

POST

API Key (cookie: __Host-access)

__Host-accessstring

Required

Access-session cookie used for user and admin authentication.

API Key (header: X-CSRF-Token)

X-CSRF-Tokenstring

Required

CSRF token derived from the current session family.

Content-Typestring

Required

The media type of the request body

Options: application/json

ban_typestring

Required

Options: email, domain, ip, name

Format: date-time

disable_matching_aliasesboolean

When true, deactivates all matching active aliases for email, domain, and name bans.

Request Preview

Response

Response will appear here after sending the request

Authentication

path

parameterstring

Required

API Key for authentication. Access-session cookie used for user and admin authentication.

header

X-CSRF-Tokenstring

Required

API Key for authentication. CSRF token derived from the current session family.

Body

application/json

ban_typestring

Required

Allowed values:emaildomainipname

disable_matching_aliasesboolean

When true, deactivates all matching active aliases for email, domain, and name bans.

Responses

okboolean

Required

createdboolean

updatedboolean

deletedboolean

disabled_aliasesinteger

Number of aliases deactivated when disable_matching_aliases was true.

messagestring

itemobject

Required

idinteger

Required

ban_typestring

Required

Allowed values:emaildomainipname

ban_valuestring

Required

reasonstring

created_atstring

Required

expires_atstring

revoked_atstring

revoked_reasonstring

activeboolean

Required

errorstring

Required

fieldstring

reasonstring

hintstring

constraintsobject

errorstring

Required

errorstring

Required

errorstring

Required

errorstring

Required

wherestring

reasonstring

Was this page helpful?

Raise an issue

Last updated Apr 9, 2026

Built with Documentation.AI

curl -X POST "https://mail.haltman.io/api/admin/bans" \ -H "Content-Type: application/json" \ -H "X-CSRF-Token: YOUR_API_KEY" \ -d '{ "ban_type": "email", "ban_value": "example_string", "reason": "example_string", "expires_at": "2024-12-25T10:00:00Z", "disable_matching_aliases": true }'

{ "ok": true, "created": true, "updated": true, "deleted": true, "disabled_aliases": 42, "message": "example_string", "item": { "id": 123, "ban_type": "email", "ban_value": "example_string", "reason": "example_string", "created_at": "2024-12-25T10:00:00Z", "expires_at": "2024-12-25T10:00:00Z", "revoked_at": "2024-12-25T10:00:00Z", "revoked_reason": "example_string", "active": true } }