Introduction
Keepable is a secure digital mailbox for Nigeria. Send mail, run e-signature agreements, and publish forms to recipients identified by NIN, email, or TIN, all over the Sender API.
Keepable is a secure digital mailbox. Businesses and government agencies deliver mail, run e-signature agreements, and publish forms to people identified by their NIN, email, or TIN, and recipients read it all in one inbox, on the web or on their phone.
You integrate over the Sender API: an OAuth2, server-to-server interface for
pushing content to recipients. Its base URL is https://api.keepable.co.
Send content
Deliver letters, payslips, invoices, agreements, and forms to a recipient.
API reference
The complete, generated request/response reference for every endpoint.
The shape of an integration
Every meaningful sender integration is the same three moves:
Authenticate. Exchange your client_id / client_secret for a bearer
token over OAuth2 client-credentials. See Authentication.
Check reachability. Ask which of your recipients are on Keepable before you spend work composing mail. See Recipient matching.
Deliver, then react. Send the content, then handle the asynchronous webhook that confirms it arrived (or that a previously retained item was delivered when the recipient finally signed up).
What you can send
The Sender API is not just letters. The content_type you choose changes how
the recipient app frames the item, and three capabilities go beyond plain mail:
| Capability | What it is | Guide |
|---|---|---|
| Content | Digital mail: letters, payslips, credit notices, invoices, campaign messages, survey invitations | Send content |
| Agreements | e-signature workflows that return a signed, PAdES-LTV covenant PDF | Agreements |
| Forms | Reusable form templates the recipient fills in from their inbox | Forms |
| Access delegation | Letting one tenant act on behalf of another | Access delegation |
A 60-second taste
Once you have a token, a single delivery is one call. Confirm the recipient is reachable, then post the content:
curl https://api.keepable.co/tenants/ten_01HXP/contents \
-H "Authorization: Bearer $KEEPABLE_TOKEN" \
-H "Keepable-Version: 2026-05-24" \
-H "Idempotency-Key: $(uuidgen)" \
-H "Content-Type: application/json" \
-d '{
"recipient": { "identifier_type": "nin", "identifier": "12345678901" },
"subject": "Your 2026 tax assessment",
"generated_at": "2026-05-24T09:00:00Z",
"content_type": "letter",
"retention_days": 390,
"parts": [
{ "name": "assessment.pdf", "media_type": "application/pdf", "data": "JVBERi0xLjcK..." }
]
}'{ "content_id": "cnt_01HXP", "status": "delivered" }A status of delivered means it is in the recipient's inbox now; retained
means they have not signed up yet and Keepable will hold it for them. The full
walkthrough is in Send content.
Conventions you will meet everywhere
Three headers and one error shape are constant across every Keepable surface. Skim them once and they stop being surprises:
Authentication
OAuth2 client-credentials, the scopes catalogue, and how tokens are scoped per credential.
Conventions
The Keepable-Version date header, Idempotency-Key on every mutation,
cursor pagination, and mTLS for tier-1 senders.
Errors
RFC 7807 application/problem+json, the full catalogue of problem types
and what each one means.
API reference
The complete, generated request/response reference for every endpoint, rendered from the OpenAPI spec.