TestTau
Sign in
TestTauUse public inboxes and hooks for fast public checks. Use private keyed mail and hooks when a test run needs account-owned captures and bearer-token reads.
Each workflow starts anonymous and fast, then moves to private account-owned tooling when the capture should not be readable by name alone.
Generate a unique inbox per run, send the verification email, then wait for the parsed message JSON from Playwright, Cypress, or CI.
INBOX="signup-$(openssl rand -hex 4)"
curl "https://mail.testtau.com/i/$INBOX/api/wait?timeout=15000&subject=Verify"Capture Stripe, Clerk, GitHub, or app webhooks, inspect headers and payloads, validate JSON Schema, and replay captured requests.
curl -X POST https://hook.testtau.com/ze6s8pqjx6 \
-H 'content-type: application/json' \
-d '{"event":"checkout.session.completed"}'Fail a build when an expected email or webhook never arrives. The wait and assert endpoints are small enough to drop into shell scripts.
HOOK_ADMIN_TOKEN="$(curl -fsS -X POST "https://hook.testtau.com/_/ze6s8pqjx6/api/admin-token" | jq -r .token)"
START=$(date +%s%3N)
curl -fsS -H "Authorization: Bearer $HOOK_ADMIN_TOKEN" \
"https://hook.testtau.com/_/ze6s8pqjx6/api/assert?since=$START&min_count=1"Signed-in users can protect one private inbox with an API key. Senders post email normally; readers must use a bearer token.
curl -H "Authorization: Bearer $TESTTAU_MAIL_KEY" \
"https://mail.testtau.com/private/i/<inbox>/api/wait?timeout=15000"Let external systems send webhooks without a key, while inspection, replay, configuration, wipe, and API reads stay protected.
curl -H "Authorization: Bearer $TESTTAU_HOOK_KEY" \
"https://hook.testtau.com/private/_/<hookId>/api/list"Give coding agents a test inbox and webhook skill so they can verify signups, inspect callbacks, and clean up test flows.
Skill: https://testtau.com/skills/testtau/SKILL.md
Index: https://testtau.com/llms.txt