Skip to main content
Clawb can act as a backend enforcement point for email sending:
  1. Your service calls POST /v1/check with action: "send_email" and an email object (recipients, attachment metadata, etc.)
  2. If Clawb returns allow, your service calls POST /v1/email/send to send the email server-side via SendGrid
  3. If Clawb returns deny or challenge, your service must not send the email
Auth quick reference
# Preferred
X-Clawb-Api-Key: ck_live_9f2b3c4d5e6f7a8b

# Alternative
Authorization: Bearer ck_live_9f2b3c4d5e6f7a8b
Use provider keys with the ck_live_ or ck_test_ prefix.

Step 1 — Ask for a decision

curl -sS -X POST "https://api.clawb.ai/api/v1/check" \
  -H "Content-Type: application/json" \
  -H "X-Clawb-Api-Key: ck_live_9f2b3c4d5e6f7a8b" \
  -d '{
    "agent_id": "agt_...",
    "policy_id": "pol_email",
    "action": "send_email",
    "email": {
      "to": ["user@example.com"],
      "subject": "Your receipt",
      "attachments": []
    }
  }'

Step 2 — Send (only if allowed)

/v1/email/send requires a workspace API key header. 
curl -sS -X POST "https://api.clawb.ai/api/v1/email/send" \
  -H "Content-Type: application/json" \
  -H "X-Clawb-Api-Key: ck_live_9f2b3c4d5e6f7a8b" \
  -d '{
    "agent_id": "agt_...",
    "policy_id": "pol_email",
    "email": {
      "to": ["user@example.com"],
      "subject": "Your receipt",
      "text": "Thanks for your purchase!",
      "html": "<p>Thanks for your purchase!</p>"
    }
  }'

Response

{
  "ok": true,
  "provider": "sendgrid",
  "provider_message_id": "..."
}

Blocked sends

If policy evaluation denies or challenges, /v1/email/send returns 403 with a stable payload: 
{
  "error": "policy_blocked",
  "decision": "deny" | "challenge",
  "reasons": ["..."],
  "challenge": {"type": "...", "url": "..."}
}