Hide-My-Email.info API Documentation
All documents

Public Endpoints

This document lists the endpoints that do not require account authentication headers.

For end users of the service, the only anonymous API endpoints are the policy-document endpoints.

Invitee-facing linked-account invitation endpoints are also public, but only for recipients opening invitation links that already contain the required invitation identifiers.

Policy Documents

Allowed policy document categories:

  • acceptable-use-policy
  • how-it-works
  • how-limits-work
  • how-to-delete-my-data
  • privacy
  • select-plan
  • terms-of-service

List current files for a category

`GET /api/v1/policy-documents/

Returns the current and historical files for one policy category.

Headers

  • None required.

Path parameters

  • category - one of:
    • acceptable-use-policy
    • how-it-works
    • how-limits-work
    • how-to-delete-my-data
    • privacy
    • select-plan
    • terms-of-service

Query parameters

  • None

Request body

  • None

Response fields

  • category
  • categoryDisplayName
  • latest
  • latest.fileName
  • latest.versionDateUtc
  • latest.downloadPath
  • files[]
  • files[].fileName
  • files[].versionDateUtc
  • files[].downloadPath

Response codes

  • 200 OK
  • 404 Not Found when the category is unknown

Example

curl "http://Hide-My-Email.info/api/v1/policy-documents/privacy"

Download a PDF policy file

`GET /api/v1/policy-documents/

Downloads a specific PDF file.

Headers

  • None required.

Path parameters

  • category - one of:
    • acceptable-use-policy
    • how-it-works
    • how-limits-work
    • how-to-delete-my-data
    • privacy
    • select-plan
    • terms-of-service
  • fileName - exact file name returned by the list endpoint

Query parameters

  • None

Request body

  • None

Response

  • PDF file stream

Response codes

  • 200 OK
  • 404 Not Found

Example

curl -L "http://Hide-My-Email.info/api/v1/policy-documents/privacy/files/privacy-2026-03-01.pdf" -o privacy.pdf

Linked Account Invitations

These endpoints are public for invitation recipients. They require the invitationId and the matching inviteeEmailHash embedded in the invitation link.

Invitation details

`GET /api/v1/account/users/invitation/

Returns invitation state for an invitee-facing link.

Headers

  • None required.

Path parameters

  • invitationId - invitation identifier from the invitation link
  • inviteeEmailHash - invitee e-mail hash from the invitation link

Query parameters

  • None

Request body

  • None

Response fields

  • success
  • message
  • invitationId
  • inviteeEmail
  • status
  • expiresAtUtc
  • canAccept
  • canReject
  • canIgnore

status uses one of:

  • Invited
  • Member
  • Rejected
  • Removed

Permission flags mean:

  • canAccept - the invitee can currently accept the invitation
  • canReject - the invitee can currently reject the invitation
  • canIgnore - the invitee can currently ignore the invitation

Response codes

  • 200 OK
  • 400 Bad Request when the invitation link is invalid or expired

Example

curl "http://Hide-My-Email.info/api/v1/account/users/invitation/inv_123/ABCDEF..."

Accept invitation

`POST /api/v1/account/users/invitation/

Accepts an invitation and links or creates the invited account.

Headers

  • Content-Type: application/json

Path parameters

  • invitationId - invitation identifier
  • inviteeEmailHash - invitee e-mail hash from the invitation link

Query parameters

  • None

Request body fields

  • email - required
  • password - required when creating or linking by credentials
  • confirmPassword - required when creating or linking by credentials
  • confirmJoin - required, should be true
  • useCurrentAccount - optional boolean; set to true to accept the invitation with the currently logged-in browser account instead of the credentials provided in the request body

Response fields

  • success
  • message
  • user
  • page

user, when returned, contains:

  • invitationId
  • inviteeEmail
  • status
  • memberAccountId
  • memberCurrentEmail
  • createdAtUtc
  • expiresAtUtc
  • respondedAtUtc
  • linkedAtUtc
  • messageLimit
  • tenMinuteRequestLimit

page, when returned, contains the current linked-users page for the owning account:

  • ownerAccountId
  • ownerEmail
  • isLinkedToAnotherAccount
  • linkedOwnerAccountId
  • linkedOwnerEmail
  • usersAllowed
  • usersUsed
  • users[]

Response codes

  • 200 OK
  • 400 Bad Request when validation fails or the invitation cannot be accepted

Example

curl -X POST "http://Hide-My-Email.info/api/v1/account/users/invitation/inv_123/ABCDEF.../accept" \
  -H "Content-Type: application/json" \
  -d "{\"email\":\"member@example.com\",\"password\":\"P@ssw0rd!\",\"confirmPassword\":\"P@ssw0rd!\",\"confirmJoin\":true,\"useCurrentAccount\":false}"

Reject invitation

`POST /api/v1/account/users/invitation/

Rejects an invitation.

Headers

  • Content-Type: application/json

Path parameters

  • invitationId
  • inviteeEmailHash - invitee e-mail hash from the invitation link

Request body fields

  • confirmReject - required, should be true

Response fields

  • success
  • message
  • user
  • page

Response codes

  • 200 OK
  • 400 Bad Request

Example

curl -X POST "http://Hide-My-Email.info/api/v1/account/users/invitation/inv_123/ABCDEF.../reject" \
  -H "Content-Type: application/json" \
  -d "{\"confirmReject\":true}"

Ignore invitation

`POST /api/v1/account/users/invitation/

Marks an invitation as ignored.

Headers

  • Content-Type: application/json

Path parameters

  • invitationId
  • inviteeEmailHash - invitee e-mail hash from the invitation link

Request body fields

  • confirmIgnore - required, should be true

Response fields

  • success
  • message
  • user
  • page

Response codes

  • 200 OK
  • 400 Bad Request

Example

curl -X POST "http://Hide-My-Email.info/api/v1/account/users/invitation/inv_123/ABCDEF.../ignore" \
  -H "Content-Type: application/json" \
  -d "{\"confirmIgnore\":true}"
© 2026 PrivacyGuard.company. All rights reserved.