The Scenario
The security review is next week and you just found out your team has 15 MailerSend API tokens with names like "test2" and "dev-old."
You are a security engineer at a B2B SaaS company. MailerSend is in your transactional email stack. Over two years of development, multiple engineers have created API tokens — for local testing, for CI pipelines, for integrations that were later replaced. Nobody ever deleted the old ones. The security review requires you to produce a list of every active credential with its assigned permission scope and flag anything that has broader access than it needs or has not been rotated in more than 90 days.
The bad version:
- Open MailerSend's API token management page, note that there is no export button — just a table in the UI.
- Start copying token names, status, and creation dates into a Google Sheet by hand, one row at a time.
- Reach token 8 and discover that the scope column in the UI truncates long scope strings, so you have to click into each token to read the full permission set.
Fifteen tokens. Fifteen click-into-and-read sequences. Two hours gone before you have even started the analysis.
The Easy Way: One Prompt in SheetXAI
SheetXAI is an AI agent that lives inside your Google Sheet. It connects to MailerSend and can pull the full API token list with scopes and creation dates into the sheet in one pass — no UI clicking, no manual copying.
Pull all MailerSend API tokens into this sheet with their name, status, assigned scopes, and creation date in columns A through D
What You Get
- One row per API token
- Column A: token name
- Column B: token status (active or disabled)
- Column C: assigned permission scopes as a readable string
- Column D: creation date formatted as a date string
- Full scope values, not truncated — everything MailerSend returns
What If the Data Is Not Quite Ready
You want to flag tokens created more than 90 days ago
Pull all MailerSend API tokens with name, status, scopes, and creation date into columns A through D, then in column E write REVIEW for any token where the creation date in column D is more than 90 days before today
You want to separate active from disabled tokens
List all MailerSend API tokens with name, status, scopes, and creation date in columns A through D, then in column E write ACTIVE or DISABLED based on column B so you can sort and filter by status
You want to flag tokens with full-access or email-full scopes
Pull all MailerSend tokens with name, status, and scopes into columns A through C, then in column D write ELEVATED SCOPE for any token where column C contains the text email:full or the text full
Full kill chain: pull tokens, flag risks, and write a security summary
List all MailerSend API tokens with name, status, scopes, and creation date in columns A through D, flag in column E any token that is active and has elevated scopes or was created more than 90 days ago, count the flagged tokens and write the total in cell G1 with the label Tokens Requiring Review, and list the names of flagged tokens in column G starting at G2
The pull and the risk analysis are part of the same pass — you do not need separate steps for retrieval and flagging.
Try It
Open the Google Sheet you are using for the security review, then Get the 7-day free trial of SheetXAI and ask it to pull your MailerSend API token inventory. You can pair this with pulling SMTP users or webhook configurations for a complete credentials audit.