Sailthru API

REST API for the Sailthru (Marigold) email marketing and personalization platform enabling programmatic user profile management, email send triggering, list management, content recommendations, and engagement analytics for media and e-commerce brands.

Evaluated Mar 07, 2026 vcurrent
Other sailthru marigold email personalization user-data recommendations media publishing
⚙ Agent Friendliness: 49 / 100 (Can an agent use this?)
🔒 Security: 75 / 100 (Is it safe for agents?)
⚡ Reliability: 77 / 100 (Does it work consistently?)

Score Breakdown

⚙ Agent Friendliness

MCP Quality: --
Documentation: 72
Error Messages: 70
Auth Simplicity: 50
Rate Limits: 62

🔒 Security

TLS Enforcement: 100
Auth Strength: 72
Scope Granularity: 55
Dep. Hygiene: 72
Secret Handling: 75

All traffic is served over TLS. Per-request MD5 signatures prevent replay attacks, but MD5 is cryptographically weak by modern standards. The API secret is never transmitted directly, which is a security positive. There is no OAuth or granular scope control: a single API key/secret pair grants full account access. Webhook payload verification is not provided natively.

⚡ Reliability

Uptime/SLA: 82
Version Stability: 78
Breaking Changes: 75
Error Recovery: 72

Best When

You operate a media, publishing, or e-commerce brand already using Sailthru and need to programmatically sync user behavioral data, trigger personalized sends, or integrate Sailthru's recommendation engine with external systems.

Avoid When

You are not already invested in the Sailthru platform, or you need multi-channel marketing automation beyond email — simpler and cheaper ESPs provide equivalent email functionality without Sailthru's complexity.

Use Cases

  • Upsert user profiles with custom variables and purchase events from an e-commerce backend to power Sailthru's behavioral personalization engine
  • Trigger transactional email sends (order receipt, abandoned cart) via the Sailthru Send API with personalized template variables
  • Manage subscriber list memberships (add/remove users from lists) to keep Sailthru in sync with a master CRM or CDP
  • Pull user-level engagement data (email open history, click history, purchase history) from Sailthru for integration into a customer analytics platform
  • Retrieve personalized content recommendations for a user via the Content API to power on-site recommendation widgets

Not For

  • SMS or push notification campaigns — Sailthru is an email and personalization platform and does not provide native SMS or push channels
  • Small businesses without dedicated email marketing budgets — Sailthru's enterprise pricing and complexity are not appropriate for low-volume senders
  • Real-time high-frequency event streaming — the API is request-response oriented and not designed for streaming event ingestion at IoT or clickstream scale

Interface

REST API: Yes
GraphQL: No
gRPC: No
MCP Server: No
SDK: Yes
Webhooks: Yes

Authentication

Methods: api_key, hmac
OAuth: No
Scopes: No

Each API request requires an API key and a cryptographic signature (sig) parameter. The signature is computed as an MD5 hash of the concatenation of all parameter values (sorted alphabetically by key) plus the API secret. Both the api_key and sig parameters must be included in every request. The API secret is never sent directly. This scheme requires custom signature construction and is not compatible with standard HTTP auth libraries.

Pricing

Model: enterprise
Free tier: No
Requires CC: No

Sailthru is an enterprise email and personalization platform owned by Marigold. Pricing is not publicly listed. No self-serve or freemium tier. API access is included with platform subscriptions.

Agent Metadata

Pagination: offset
Idempotent: Partial
Retry Guidance: Not documented

Known Gotchas

  • The MD5 signature scheme requires careful parameter sorting and concatenation — even a single whitespace or encoding difference in parameter values will produce an invalid signature with a cryptic error message
  • User profiles in Sailthru are keyed by email address — if a user changes their email, the old and new profiles are separate records, and agents must explicitly merge them using the Sailthru merge API to avoid duplicate profiles
  • Template names used in Send API calls must match exactly (case-sensitive) the template names configured in the Sailthru UI — a mismatch returns an error that does not suggest the correct template name
  • The API uses POST with form-encoded or JSON body depending on the action type — some endpoints require a JSON parameter wrapped in a specific field name (e.g., json={}), which is non-standard and can cause confusion
  • Webhook postbacks (event notifications) do not include HMAC signatures by default — agents should configure IP allowlisting in the Sailthru dashboard to restrict webhook sources


Scores are editorial opinions as of 2026-03-07.
