Intro
Endpoint: https://api.omnisend.com/api/accounts
Guide: How to create an account and log in
The Accounts API lets partners programmatically create Omnisend accounts, log users into Omnisend, and update brand information. It is designed for platform integrations that manage merchant onboarding and single sign-on flows on behalf of their users.
Authentication
All endpoints require an OAuth 2.0 access token obtained via the client credentials grant:
curl --request POST \
--url 'https://app.omnisend.com/oauth2/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'client_id=YOUR_CLIENT_ID' \
--data-urlencode 'client_secret=YOUR_CLIENT_SECRET' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'scope=accounts.write sessions.write'Note: Access tokens expire after 2 hours. Request a new token when the current one expires.
OAuth scopes
| Scope | Description |
|---|---|
| accounts.write | Create accounts |
| brands.write | Update brand information |
| sessions.write | Create login tokens / sessions |
Request only the scopes you need. For example, account creation requires accounts.write; updating a brand requires brands.write.
Field Validations
Account creation
| Field | Required | Validation |
|---|---|---|
| name | Yes | 2–200 characters, no XSS, no URLs |
| website | Yes | Valid URL format |
| timezone | Yes | IANA Time Zone name (e.g. Europe/Vilnius) |
| currency | Yes | ISO 4217 code (e.g. EUR, USD) |
| language | Yes | BCP 47 language tag (e.g. en) |
| user.email | Yes | Valid email, max 100 characters |
| user.firstName | Yes | 2–50 characters, no XSS, no URLs |
| user.lastName | Yes | 2–50 characters, no XSS, no URLs |
| user.phone | No | 4–20 characters, no XSS, no URLs |
| address.countryCode | Yes | ISO 3166-1 alpha-2 (e.g. US, LT) |
| address.stateCode | Conditional | Required when countryCode is US. Exactly 2 letters |
| address.city | Yes | 2–50 characters, no XSS, no URLs |
| address.address | Yes | 5–100 characters, no XSS, no URLs |
| address.postCode | Yes | 2–20 characters, no XSS, no URLs |
Warning: If
countryCodeisUS, thestateCodefield is required. Omitting it returns a400error.
Brand update
All fields in the brand update request are optional — include only the fields you want to change. When providing an address object, at least one address field must be non-empty.
Error Responses
Errors follow RFC 9457 Problem Details format:
{
"type": "https://api-docs.omnisend.com/reference/responses",
"title": "Bad Request",
"detail": "Validation failed",
"status": 400,
"errors": [
{
"field": "address.stateCode",
"code": "required",
"message": "state code required for US"
}
]
}| Status | Description |
|---|---|
| 400 | Validation error — check the errors array |
| 403 | Invalid or missing credentials |
| 404 | Resource not found (brand update only) |
| 412 | User email already exists (account creation only) |
Example: Create Account
curl --request POST \
--url https://api.omnisend.com/api/accounts \
--header 'Authorization: Bearer YOUR_ACCESS_TOKEN' \
--header 'Content-Type: application/json' \
--data '{
"name": "Omnisend",
"website": "https://www.omnisend.com",
"timezone": "Europe/Vilnius",
"currency": "EUR",
"language": "en",
"user": {
"email": "[email protected]",
"firstName": "John",
"lastName": "Doe"
},
"address": {
"countryCode": "US",
"stateCode": "FL",
"city": "Los Angeles",
"address": "33 W. Prairie St.",
"postCode": "90034"
}
}'Response (201 Created):
{
"accountID": "60a6170920d91c215e949b5a",
"brandID": "60a6170920d91c215e949b5c",
"userID": "60a6170920d91c215e949b5d"
}Example: Update Brand
curl --request PATCH \
--url https://api.omnisend.com/api/brands/current \
--header 'Authorization: Bearer YOUR_ACCESS_TOKEN' \
--header 'Content-Type: application/json' \
--data '{
"name": "Updated Name",
"timezone": "America/New_York",
"address": {
"countryCode": "US",
"stateCode": "NY",
"city": "New York",
"address": "123 Broadway",
"postCode": "10001"
}
}'Response: 204 No Content