Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Is it possible to create a "development" API key for Mandrill?

Tags:

mandrill

I'm using Mandrill to send emails from my Rails 3 application. In production, I use the API key I set up in their admin console. To prevent dev and test SNAFUs that might email all our users, I've put garbage keys in the development and test environment config and I only put the real key in the production config. Mandrill allows you to create multiple API keys. Does anyone know if there's a way to configure Mandrill such that an API call to send an email using the development or test key will fail unless a certain precondition is met (e.g. email domain matches mycompany.com)?

like image 570
Chris B Avatar asked Apr 01 '13 23:04

Chris B


3 Answers

Mandril now have added test API keys. Read More on their site

like image 185
Alexandru R Avatar answered Jan 02 '23 21:01

Alexandru R


Mandrill API keys all function the same and have full access for all API calls in the account. There's not currently a concept of a development, sandbox or test key, or scoping API keys. However, test mode/functionality is on the development roadmap. I don't currently have an ETA, but it's definitely something we're working on.

EDITED TO ADD: As of the time of this answer originally, this wasn't possible. Mandrill does now have a test mode.

like image 38
Kaitlin Avatar answered Jan 02 '23 20:01

Kaitlin


There are two possible approaches to creating a "development" API key in Mandrill, which serve different use cases:

  1. Create a Test Key. No emails sent using this key will actually be sent. This is the simplest approach, and appropriate if your testing flow doesn't require you to actually receive your test emails. (You can still see the content of the emails that would have been sent in the Outbound tab.)

  2. Create a live API key, and use the Rules Engine to make it so that emails sent with this key will be automatically rejected unless the recipient address matches some pattern. You should use this approach if your testing flow requires actually receiving the emails you send - for example, if you have an automated end-to-end test of your password reset functionality.

Approach 1: Using Test Mode

Test Mode was added to Mandrill in 2013. To use it, first create a Test Key from the API Keys subsection of the SMTP & API Info section of the Settings tab. The first key you create here will always be a live key, but if you click "New API Key" a second time, you will be able to choose to create a test key:

Screenshot showing the "Test Key" checkbox

Once you've done that, "send" some emails using the Test Key (the emails won't actually be sent) and click the Turn on test Mode option from the dropdown menu at the top-right of the screen:

Screenshot showing how to turn on Test Mode

While the admin panel is in Test Mode, if you go to the Outbound tab you will be able to see emails you've asked Mandrill to send with your test API key, as if they had really been sent.

Approach 2: Using the Rules Engine

First, create a new live API key from the API Keys subsection of the SMTP & API Info section of the Settings tab. You must give the key a Description, or you will not be able to refer to it from the Rules Engine.

Next, go to the Rules section of the Outbound tab and click "Add Rule":

Image showing 'outbound', 'rules' and 'add rule'

From the Rules interface, set up a rule that will reject emails if the API key is your test key and the recipient's email matches some pattern of your choosing. The pattern could be a single email address like [email protected], or it could be an entire domain, like *@yourdomain.com.

Example rules

In case you want to craft your own, complicated pattern, note that per the docs, Mandrill uses Python's fnmatch module to match your patterns against email addresses (which uses glob syntax, which you may be familiar with from your shell if you use Unix).

Emails you send using this key to domains matching your pattern will really be sent and show up in the live Outbound tab. Ones that don't match the pattern will not be sent and will show up as "rejected" in the live Outbound tab.

like image 43
Mark Amery Avatar answered Jan 02 '23 20:01

Mark Amery