Accounts

Intro

Endpoint: https://api.omnisend.com/api/accounts

Guide: How to create an account and log in

The Accounts API lets partners programmatically create Omnisend accounts, log users into Omnisend, and update brand information. It is designed for platform integrations that manage merchant onboarding and single sign-on flows on behalf of their users.

Authentication

All endpoints require an OAuth 2.0 access token obtained via the client credentials grant:

curl --request POST \
     --url 'https://app.omnisend.com/oauth2/token' \
     --header 'Content-Type: application/x-www-form-urlencoded' \
     --data-urlencode 'client_id=YOUR_CLIENT_ID' \
     --data-urlencode 'client_secret=YOUR_CLIENT_SECRET' \
     --data-urlencode 'grant_type=client_credentials' \
     --data-urlencode 'scope=accounts.write sessions.write'

Note: Access tokens expire after 2 hours. Request a new token when the current one expires.

OAuth scopes

ScopeDescription
accounts.writeCreate accounts
brands.writeUpdate brand information
sessions.writeCreate login tokens / sessions

Request only the scopes you need. For example, account creation requires accounts.write; updating a brand requires brands.write.

Field Validations

Account creation

FieldRequiredValidation
nameYes2–200 characters, no XSS, no URLs
websiteYesValid URL format
timezoneYesIANA Time Zone name (e.g. Europe/Vilnius)
currencyYesISO 4217 code (e.g. EUR, USD)
languageYesBCP 47 language tag (e.g. en)
user.emailYesValid email, max 100 characters
user.firstNameYes2–50 characters, no XSS, no URLs
user.lastNameYes2–50 characters, no XSS, no URLs
user.phoneNo4–20 characters, no XSS, no URLs
address.countryCodeYesISO 3166-1 alpha-2 (e.g. US, LT)
address.stateCodeConditionalRequired when countryCode is US. Exactly 2 letters
address.cityYes2–50 characters, no XSS, no URLs
address.addressYes5–100 characters, no XSS, no URLs
address.postCodeYes2–20 characters, no XSS, no URLs

Warning: If countryCode is US, the stateCode field is required. Omitting it returns a 400 error.

Brand update

All fields in the brand update request are optional — include only the fields you want to change. When providing an address object, at least one address field must be non-empty.

Error Responses

Errors follow RFC 9457 Problem Details format:

{
  "type": "https://api-docs.omnisend.com/reference/responses",
  "title": "Bad Request",
  "detail": "Validation failed",
  "status": 400,
  "errors": [
    {
      "field": "address.stateCode",
      "code": "required",
      "message": "state code required for US"
    }
  ]
}
StatusDescription
400Validation error — check the errors array
403Invalid or missing credentials
404Resource not found (brand update only)
412User email already exists (account creation only)

Example: Create Account

curl --request POST \
     --url https://api.omnisend.com/api/accounts \
     --header 'Authorization: Bearer YOUR_ACCESS_TOKEN' \
     --header 'Content-Type: application/json' \
     --data '{
  "name": "Omnisend",
  "website": "https://www.omnisend.com",
  "timezone": "Europe/Vilnius",
  "currency": "EUR",
  "language": "en",
  "user": {
    "email": "[email protected]",
    "firstName": "John",
    "lastName": "Doe"
  },
  "address": {
    "countryCode": "US",
    "stateCode": "FL",
    "city": "Los Angeles",
    "address": "33 W. Prairie St.",
    "postCode": "90034"
  }
}'

Response (201 Created):

{
  "accountID": "60a6170920d91c215e949b5a",
  "brandID": "60a6170920d91c215e949b5c",
  "userID": "60a6170920d91c215e949b5d"
}

Example: Update Brand

curl --request PATCH \
     --url https://api.omnisend.com/api/brands/current \
     --header 'Authorization: Bearer YOUR_ACCESS_TOKEN' \
     --header 'Content-Type: application/json' \
     --data '{
  "name": "Updated Name",
  "timezone": "America/New_York",
  "address": {
    "countryCode": "US",
    "stateCode": "NY",
    "city": "New York",
    "address": "123 Broadway",
    "postCode": "10001"
  }
}'

Response: 204 No Content

See Also