GitHub Action email verification

Verify email lists in GitHub Actions

Run Verifly directly inside CI so email lists can be checked before they reach imports, test fixtures, seed jobs, or outbound campaigns.

Workflow stepAPI
uses: james-sib/verifly-email-verification-action@v1
with:
  api-key: ${{ secrets.VERIFLY_API_KEY }}
  file: emails.txt
  mode: verify
  output: verifly-results.json

Real-time SMTP mailbox checks

Single, batch, and async bulk verification

Disposable, role account, and catch-all detection

Pay-as-you-go credits with no subscription lock-in

Search fit

Built for GitHub Action email verification searches

Use Verifly when you need a simple API, predictable pricing, and clean JSON results before emails hit your product, CRM, or campaign tool.

Verify a CSV or text file before deployment
Block bad test or seed data from entering production
Upload JSON verification results as a workflow artifact
Use the public james-sib/verifly-email-verification-action@v1 action

Catch bad email data before it merges

The cheapest place to catch a bad email list is the same place you catch a failing test: in CI, before the change lands. A seed file with dead addresses, a newsletter export committed to the repo, or a fixtures list full of throwaway domains all sail through code review because no human reads 5,000 rows. A GitHub Action reads all of them, every push.

The Verifly action wraps the same verification API into a workflow step. You point it at a file, hand it your API key from repository secrets, and it verifies each address and writes structured JSON results. Combine that with a job that fails when any row is undeliverable, and a dirty list becomes a red check rather than a production bounce.

Because the key lives in GitHub Actions secrets and never touches the repo, and because credits are pay-as-you-go, wiring this into CI costs nothing until a workflow actually runs.

Add the step and gate the merge

  1. Create a Verifly key at verifly.email/api/v1/autonomous/register and add it as the repository secret VERIFLY_API_KEY.
  2. Add the verifly action step to your workflow, pointing file: at the list you want checked.
  3. Set mode: verify and an output: path so results land in a JSON file.
  4. Add a follow-up step that parses the JSON and exits non-zero if any row is undeliverable, turning a dirty list into a failed check.
  5. Optionally upload verifly-results.json as a workflow artifact for later inspection.
Full workflow that fails on bad addresses
name: verify-emails
on: [push]
jobs:
  check:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: james-sib/verifly-email-verification-action@v1
        with:
          api-key: ${{ secrets.VERIFLY_API_KEY }}
          file: emails.txt
          mode: verify
          output: verifly-results.json
      - name: Fail on undeliverable
        run: |
          bad=$(jq '[.results[] | select(.result=="undeliverable")] | length' verifly-results.json)
          echo "undeliverable rows: $bad"
          test "$bad" -eq 0
      - uses: actions/upload-artifact@v4
        with:
          name: verifly-results
          path: verifly-results.json

FAQ

Frequently asked questions

Where does my API key go in GitHub Actions?

Store it as a repository (or organization) secret named VERIFLY_API_KEY and reference it as ${{ secrets.VERIFLY_API_KEY }}. It is never written into the repo or logs.

Can the workflow fail the build on bad emails?

Yes. The action writes JSON results; add a follow-up step that parses them and exits non-zero when any row is undeliverable, so a dirty list blocks the merge like any failing test.

What can I point the action at?

Any text or CSV file of addresses in the repo — a seed file, a fixtures list, or a newsletter export. Set file: to its path.

Can I keep the results?

Set an output path and upload it with actions/upload-artifact so the per-row verdicts are downloadable from the workflow run.

Does running in CI cost anything when idle?

No. Verification runs only when the workflow runs, and credits are pay-as-you-go with no monthly minimum, so an unused workflow costs nothing.

What verdicts does the action return per row?

Each address comes back deliverable / undeliverable / risky with disposable, role, and catch-all flags, so you can gate on any of them, not just a single verdict.