Everything you ever wanted to know about our API versioning

We’re extremely proud of our API, especially how we handle versioning. No matter how many updates and changes we ship, your API calls will always work. It’s similar to how Stripe tackles the same issue, with a few of our own tweaks and improvements. You can read all about it on the blog.

And, as a rather timely example, this month’s API version now assumes that any POST call to /v1/emails without a status value should be considered a draft. If you haven’t explicitly updated to the newest API version, this won’t affect you at all! For those on the newest API version, include a X-Buttondown-Live-Dangerously: true header to skip the draft stage. But first read the changelog update.

A lot of login updates coming your way

Passwords are a pain, so we did away with them! Go to the login page, select “Log in with a passkey,” verify your device, and say goodbye to your password forever (actually, no, definitely keep it somewhere safe, but you get the idea)!

Another option is to use your newly created passkey for two-factor authentication. Open the Sign in & security menu in your Buttondown Account dashboard and click “Add another way to sign in or verify.” While you’re there, please, please scroll down to “Recovery options” and click Generate (only visible if you’ve created a passkey) so you have yet another way to prove who you are in case anything goes awry with your login credentials.

From the blog

Humans are (hopefully!) headed back to the moon this month, 35 years after the first email sent from space. Even if checking their inboxes this time is faster and simpler than it was back then, a surprising amount of email protocol and infrastructure is mostly the same today. Most of today’s messages are still handled by mail transfer agents that have been around for decades before AI co-opted the term.

On the geekier side of things, we also published another article in our Ask A Nerd series about what happens when someone clicks the Spam button in their email client (and tips for preventing it from happening to your newsletter). And, although they usually would have been changelog updates, Tanvir wrote an extraordinary explanation of how we migrated to something called TypeIDs, and Matias published a detailed breakdown of how we enabled the Content Security Policy for everyone.

Other stuff

• Want to know which emails performed better than your average? You can now sort everything you’ve sent by open, click and delivery rates.

• For anyone who accidentally (purposefully?!) created multiple metadata keys for the same variable, the new Rename metadata menu is calling your name.

• Saving the absolute best for last, we made a bunch of updates to our legal docs, including our data processing agreement, privacy policy, and a few others (don’t worry, everything is covered in plain language!).