This is the endpoint from the docs page you shared: POST /allowlists/add. It takes an email address and an optional free-text comment, and allowlists that address so it can't be auto-rejected. If the address is currently on the denylist, the add call removes it from there automatically.

Try it

trim($_POST['email'])]; if (!empty($_POST['comment'])) { $params['comment'] = trim($_POST['comment']); } $result = mandrill_call('/allowlists/add', $params); // --------------------------------------------------------- if (!mandrill_is_error($result)) { $added = $result['decoded']['added'] ?? false; if ($added) { echo '

Added. ' . h($params['email']) . ' is now on the allowlist.

'; } else { echo '

Already on the allowlist. ' . 'The API returned added: false, which means the address ' . 'was already allowlisted — not an error.

'; } } render_debug($result); } ?>

The call

$result = mandrill_call('/allowlists/add', [
    'email'   => 'user@example.com',
    'comment' => 'VIP customer',      // optional
]);

if ($result['decoded']['added']) {
    echo 'Newly added';
} else {
    echo 'Was already on the list';
}

Request parameters

Field	Required	Notes
`key`	yes	Your API key. Added automatically by the wrapper.
`email`	yes	The address to allowlist.
`comment`	no	Free-text note. Shown in the `detail` field when you list the allowlist.

Response shape

{
    "email": "user@example.com",
    "added": true
}

added: true means it's new. added: false means it was already there — both are successful HTTP 200 responses, so check the added field specifically if you care which it was.

→ Next: remove an email from the allowlist