The /users/ping endpoint does nothing except confirm your API key is valid. It's the cheapest possible call — use it to sanity-check your credentials before debugging anything more complex.

Try it

Success. Your API key is valid.'; } else { echo '

Call failed. See the response below for details.

'; } render_debug($result); } ?>

What the code looks like

The whole thing, minus the HTML wrapper, is this:

require 'lib.php';

$result = mandrill_call('/users/ping');

if (!mandrill_is_error($result)) {
    echo "API key works";
}

And mandrill_call() (from lib.php) is just a thin cURL wrapper:

function mandrill_call($endpoint, $params = []) {
    $params['key'] = MANDRILL_API_KEY;
    $ch = curl_init(MANDRILL_API_BASE . $endpoint);
    curl_setopt_array($ch, [
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_POST           => true,
        CURLOPT_HTTPHEADER     => ['Content-Type: application/json'],
        CURLOPT_POSTFIELDS     => json_encode($params),
    ]);
    $response = curl_exec($ch);
    curl_close($ch);
    return json_decode($response, true);
}

What to expect

A successful ping returns the literal string "PONG!" wrapped in a JSON object:

{
    "PING": "PONG!"
}

If the key is wrong, you'll get an error object:

{
    "status":  "error",
    "code":    -1,
    "name":    "Invalid_Key",
    "message": "Invalid API key"
}

That {status: "error", ...} shape is every Mandrill error — worth recognising, because that's what mandrill_is_error() in lib.php checks for.

→ Next: list the allowlist