> ## Documentation Index
> Fetch the complete documentation index at: https://documentation.onesignal.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Unsubscribe email with token

> Unsubscribe an email address from future messages by calling this API from your custom unsubscribe page. Automatically disables the associated email subscription using a token-based approach.

## Overview

Use this API to unsubscribe an email address directly from your custom unsubscribe landing page. It is ideal when building branded opt-out experiences and enables you to track which email caused the unsubscribe.

When invoked, this endpoint:

* Sets the email Subscription's `enabled` property to `false`
* Prevents further messages from being sent to the email address unless explicitly overridden (see [Overriding unsubscribes](/reference/email#body-include-unsubscribed))
* Email Subscriptions can be re-subscribed using the [Update Subscription](/reference/update-subscription) API

<Tip>
  For instructions on setting up a custom unsubscribe page, see [Create a Custom Unsubscribe Page](/docs/en/create-custom-unsubscribe-page).
</Tip>

***

## How to Use This API

### Step 1: Set Up Your Custom Unsubscribe Page

Follow the guide to [Create a Custom Unsubscribe Page](/docs/en/create-custom-unsubscribe-page). You'll add a custom unsubscribe URL to your email templates using Liquid syntax.

Example URL in your email template:

```liquid theme={null}
https://yourdomain.com/unsubscribe?app_id={{ app_id }}&notification_id={{ notification_id }}&token={{ token }}
```

### Step 2: Extract the Parameters

When a user clicks the unsubscribe link, your custom unsubscribe page should extract the following from the URL:

* `app_id`: OneSignal app ID
* `notification_id`: The ID of the specific email message sent
* `token`: The email token, a secure reference to the subscription

### Step 3: Call the API

When the user confirms they want to unsubscribe (e.g., clicks a button on your unsubscribe page), make a POST request to this endpoint:

```
POST /apps/{app_id}/notifications/{notification_id}/unsubscribe?token={token}
```

Example Request (JavaScript):

```js theme={null}
fetch("https://api.onesignal.com/apps/your-app-id/notifications/your-notification-id/unsubscribe?token=abc123xyz", {
  method: "POST"
});
```

<Info>
  No request body or authentication is required. The token acts as a secure identifier.
</Info>

<Note>
  * This API only works for email subscriptions.
  * It should only be used from a server or frontend context that you control (e.g., your custom unsubscribe page).
  * Once unsubscribed, the email address will not receive future emails from your app unless resubscribed.
</Note>

***


## OpenAPI

````yaml POST /apps/{app_id}/notifications/{notification_id}/unsubscribe?token={token}
openapi: 3.1.0
info:
  title: api.onesignal.com
  version: '11.6'
servers:
  - url: https://api.onesignal.com
security:
  - {}
paths:
  /apps/{app_id}/notifications/{notification_id}/unsubscribe?token={token}:
    post:
      summary: Unsubscribe email (with token)
      description: >-
        Unsubscribe an email address from future messages by calling this API
        from your custom unsubscribe page. Automatically disables the associated
        email subscription using a token-based approach.
      operationId: unsubscribe-with-token
      parameters:
        - name: token
          in: query
          description: >-
            The unsubscribe token that is generated via liquid syntax
            `{{subscription.unsubscribe_token}}` when personalizing an email.
            See [Create a Custom Unsubscribe
            Page](/docs/create-custom-unsubscribe-page) for setup details.
          schema:
            type: string
        - name: app_id
          in: path
          description: >-
            Your OneSignal App ID in UUID v4 format. See [Keys &
            IDs](/docs/en/keys-and-ids).
          schema:
            type: string
          required: true
        - name: notification_id
          in: path
          description: >-
            The "id" of the email message. Can be passed into the request from
            the email received by the user with liquid syntax `{{message.id}}`.
            See [Create a Custom Unsubscribe
            Page](/docs/create-custom-unsubscribe-page) for setup details.
          schema:
            type: string
          required: true
      responses:
        '202':
          description: '202'
          content:
            application/json:
              examples:
                Result:
                  value:
                    success: 'true'
              schema:
                type: object
                properties:
                  success:
                    type: string
                    example: 'true'
        '400':
          description: '400'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/BasicErrorResponse'
              example:
                errors:
                  - Details about the error.
        '403':
          description: '403'
          content:
            application/json:
              examples:
                Result:
                  value:
                    errors:
                      - Forbidden
              schema:
                $ref: '#/components/schemas/BasicErrorResponse'
        '404':
          description: '404'
          content:
            application/json:
              examples:
                Result:
                  value:
                    errors:
                      - code: subscription-0
                        title: Subscription not found
              schema:
                $ref: '#/components/schemas/StructuredErrorResponse'
        '429':
          description: '429'
          content:
            application/json:
              examples:
                Result:
                  value:
                    errors:
                      - code: Rate Limit Exceeded
                        title: Example error title
                        meta: {}
              schema:
                $ref: '#/components/schemas/StructuredErrorResponse'
          headers:
            Retry-After:
              description: >-
                Number of seconds to wait before retrying the request. Always
                emitted on 429 responses.
              schema:
                type: integer
                minimum: 0
        '503':
          description: >-
            Service temporarily unavailable. Retry after a short backoff. The
            body may be empty or non-JSON in some failure modes.
          headers:
            Retry-After:
              description: >-
                Number of seconds to wait before retrying. Optional — may be
                absent when the response is generated upstream.
              schema:
                type: integer
                minimum: 0
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/BasicErrorResponse'
              example:
                errors:
                  - Service temporarily unavailable
      deprecated: false
      security: []
      x-codeSamples:
        - lang: typescript
          label: Node.js SDK
          source: >-
            import Onesignal from '@onesignal/node-onesignal';


            const configuration = Onesignal.createConfiguration({
                restApiKey: 'YOUR_REST_API_KEY',
            });

            const apiInstance = new Onesignal.DefaultApi(configuration);


            // string | The OneSignal App ID for your app.  Available in Keys &
            IDs.

            const appId: string = "00000000-0000-0000-0000-000000000000";

            // string | The id of the message found in the creation notification
            POST response, View Notifications GET response, or URL within the
            Message Report.

            const notificationId: string =
            "b3a0c8bd-3a4c-4b22-9a73-3f1a8c2d1b88";

            // string | The unsubscribe token that is generated via liquid
            syntax in {{subscription.unsubscribe_token}} when personalizing an
            email.

            const token: string = "YOUR_TOKEN_ID";


            try {
              const response = await apiInstance.unsubscribeEmailWithToken(appId, notificationId, token);
              console.log(response);
            } catch (e) {
              if (e instanceof Onesignal.ApiException) {
                // `e.errorMessages` flattens any error-envelope shape to a `string[]`;
                // the raw parsed body remains on `e.body`.
                console.error("unsubscribeEmailWithToken failed: HTTP " + e.code, e.errorMessages);
              } else {
                throw e;
              }
            }
        - lang: python
          label: Python SDK
          source: >-
            import onesignal

            from onesignal.api import default_api

            from onesignal.models import *

            from pprint import pprint


            # See configuration.py for a list of all supported configuration
            parameters.

            # Some of the OneSignal endpoints require ORGANIZATION_API_KEY token
            for authorization, while others require REST_API_KEY.

            # We recommend adding both of them in the configuration page so that
            you will not need to figure it out yourself.

            configuration = onesignal.Configuration(
                rest_api_key = "YOUR_REST_API_KEY", # App REST API key required for most endpoints
                organization_api_key = "YOUR_ORGANIZATION_API_KEY" # Organization key is only required for creating new apps and other top-level endpoints
            )



            # Enter a context with an instance of the API client

            with onesignal.ApiClient(configuration) as api_client:
                # Create an instance of the API class
                api_instance = default_api.DefaultApi(api_client)
                app_id = "00000000-0000-0000-0000-000000000000" # The OneSignal App ID for your app.  Available in Keys & IDs. 
                notification_id = "b3a0c8bd-3a4c-4b22-9a73-3f1a8c2d1b88" # The id of the message found in the creation notification POST response, View Notifications GET response, or URL within the Message Report. 
                token = "YOUR_TOKEN_ID" # The unsubscribe token that is generated via liquid syntax in {{subscription.unsubscribe_token}} when personalizing an email. 

                try:
                    # Unsubscribe with token
                    api_response = api_instance.unsubscribe_email_with_token(app_id, notification_id, token)
                    pprint(api_response)
                except onesignal.ApiException as e:
                    print("Exception when calling DefaultApi->unsubscribe_email_with_token: %s\n" % e)
                    print("Status Code: %s" % e.status)
                    print("Response Body: %s" % e.body)
        - lang: php
          label: PHP SDK
          source: >-
            <?php

            require_once(__DIR__ . '/vendor/autoload.php');



            // Configure Bearer authorization: rest_api_key

            $config = onesignal\client\Configuration::getDefaultConfiguration()
                                                            ->setRestApiKeyToken('YOUR_REST_API_KEY')
                                                            ->setOrganizationApiKeyToken('YOUR_ORGANIZATION_API_KEY');



            $apiInstance = new onesignal\client\Api\DefaultApi(
                // If you want use custom http client, pass your client which implements `GuzzleHttp\ClientInterface`.
                // This is optional, `GuzzleHttp\Client` will be used as default.
                new GuzzleHttp\Client(),
                $config
            );

            $app_id = '00000000-0000-0000-0000-000000000000'; // string | The
            OneSignal App ID for your app.  Available in Keys & IDs.

            $notification_id = 'b3a0c8bd-3a4c-4b22-9a73-3f1a8c2d1b88'; // string
            | The id of the message found in the creation notification POST
            response, View Notifications GET response, or URL within the Message
            Report.

            $token = 'YOUR_TOKEN_ID'; // string | The unsubscribe token that is
            generated via liquid syntax in {{subscription.unsubscribe_token}}
            when personalizing an email.


            try {
                $result = $apiInstance->unsubscribeEmailWithToken($app_id, $notification_id, $token);
                print_r($result);
            } catch (\onesignal\client\ApiException $e) {
                echo 'Exception when calling DefaultApi->unsubscribeEmailWithToken: ', $e->getMessage(), PHP_EOL;
                echo 'Status Code: ', $e->getCode(), PHP_EOL;
                // getErrorMessages() flattens any error-envelope shape to a string[];
                // the raw body remains on getResponseBody().
                echo 'Error Messages: ', implode(', ', $e->getErrorMessages()), PHP_EOL;
                echo 'Response Body: ', $e->getResponseBody(), PHP_EOL;
            } catch (\Exception $e) {
                echo 'Exception when calling DefaultApi->unsubscribeEmailWithToken: ', $e->getMessage(), PHP_EOL;
            }
        - lang: go
          label: Go SDK
          source: |-
            package main

            import (
                "context"
                "fmt"
                "os"

                "github.com/OneSignal/onesignal-go-api/v5"
            )

            func main() {
                appId := "00000000-0000-0000-0000-000000000000" // string | The OneSignal App ID for your app.  Available in Keys & IDs.
                notificationId := "b3a0c8bd-3a4c-4b22-9a73-3f1a8c2d1b88" // string | The id of the message found in the creation notification POST response, View Notifications GET response, or URL within the Message Report.
                token := "YOUR_TOKEN_ID" // string | The unsubscribe token that is generated via liquid syntax in {{subscription.unsubscribe_token}} when personalizing an email.

                configuration := onesignal.NewConfiguration()
                apiClient := onesignal.NewAPIClient(configuration)

                restAuth := context.WithValue(context.Background(), onesignal.RestApiKey, "YOUR_REST_API_KEY") // App REST API key required for most endpoints

                resp, r, err := apiClient.DefaultApi.UnsubscribeEmailWithToken(restAuth, appId, notificationId).Token(token).Execute()

                if err != nil {
                    fmt.Fprintf(os.Stderr, "Error when calling `DefaultApi.UnsubscribeEmailWithToken``: %v\n", err)
                    fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
                    if apiErr, ok := err.(*onesignal.GenericOpenAPIError); ok {
                        // ErrorMessages() flattens any error-envelope shape to a []string;
                        // the raw body remains on Body().
                        fmt.Fprintf(os.Stderr, "Error Messages: %v\n", apiErr.ErrorMessages())
                        fmt.Fprintf(os.Stderr, "Response Body: %s\n", apiErr.Body())
                    }
                }
                // response from `UnsubscribeEmailWithToken`: GenericSuccessBoolResponse
                fmt.Fprintf(os.Stdout, "Response from `DefaultApi.UnsubscribeEmailWithToken`: %v\n", resp)
            }
        - lang: ruby
          label: Ruby SDK
          source: >-
            require 'onesignal'

            # setup authorization

            OneSignal.configure do |config|
              # Configure Bearer authorization: rest_api_key
              config.rest_api_key = 'YOUR_REST_API_KEY'

            end


            api_instance = OneSignal::DefaultApi.new

            app_id = '00000000-0000-0000-0000-000000000000' # String | The
            OneSignal App ID for your app.  Available in Keys & IDs.

            notification_id = 'b3a0c8bd-3a4c-4b22-9a73-3f1a8c2d1b88' # String |
            The id of the message found in the creation notification POST
            response, View Notifications GET response, or URL within the Message
            Report.

            token = 'YOUR_TOKEN_ID' # String | The unsubscribe token that is
            generated via liquid syntax in {{subscription.unsubscribe_token}}
            when personalizing an email.


            begin
              # Unsubscribe with token
              result = api_instance.unsubscribe_email_with_token(app_id, notification_id, token)
              p result
            rescue OneSignal::ApiError => e
              puts "Error when calling DefaultApi->unsubscribe_email_with_token: #{e}"
              puts "Status Code: #{e.code}"
              # `e.error_messages` flattens any error-envelope shape to an Array<String>;
              # the raw body remains on `e.response_body`.
              puts "Error Messages: #{e.error_messages}"
              puts "Response Body: #{e.response_body}"
            end
        - lang: java
          label: Java SDK
          source: |-
            // Import classes:
            import com.onesignal.client.ApiClient;
            import com.onesignal.client.ApiException;
            import com.onesignal.client.Configuration;
            import com.onesignal.client.auth.*;
            import com.onesignal.client.model.*;
            import com.onesignal.client.api.DefaultApi;

            public class Example {
              public static void main(String[] args) {
                ApiClient defaultClient = Configuration.getDefaultApiClient();
                defaultClient.setBasePath("https://api.onesignal.com");
                
                // Configure HTTP bearer authorization: rest_api_key
                HttpBearerAuth rest_api_key = (HttpBearerAuth) defaultClient.getAuthentication("rest_api_key");
                rest_api_key.setBearerToken("YOUR_REST_API_KEY");

                DefaultApi apiInstance = new DefaultApi(defaultClient);
                String appId = "00000000-0000-0000-0000-000000000000"; // String | The OneSignal App ID for your app.  Available in Keys & IDs.
                String notificationId = "b3a0c8bd-3a4c-4b22-9a73-3f1a8c2d1b88"; // String | The id of the message found in the creation notification POST response, View Notifications GET response, or URL within the Message Report.
                String token = "YOUR_TOKEN_ID"; // String | The unsubscribe token that is generated via liquid syntax in {{subscription.unsubscribe_token}} when personalizing an email.
                try {
                  GenericSuccessBoolResponse result = apiInstance.unsubscribeEmailWithToken(appId, notificationId, token);
                  System.out.println(result);
                } catch (ApiException e) {
                  System.err.println("Exception when calling DefaultApi#unsubscribeEmailWithToken");
                  System.err.println("Status code: " + e.getCode());
                  // getErrorMessages() flattens any error-envelope shape to a List<String>;
                  // the raw body remains on getResponseBody().
                  System.err.println("Error messages: " + e.getErrorMessages());
                  System.err.println("Reason: " + e.getResponseBody());
                  System.err.println("Response headers: " + e.getResponseHeaders());
                  e.printStackTrace();
                }
              }
            }
        - lang: csharp
          label: C# SDK
          source: |-
            using System;
            using System.Collections.Generic;
            using System.Diagnostics;
            using OneSignalApi.Api;
            using OneSignalApi.Client;
            using OneSignalApi.Model;

            namespace Example
            {
                public class UnsubscribeEmailWithTokenExample
                {
                    public static void Main()
                    {
                        Configuration config = new Configuration();
                        config.BasePath = "https://api.onesignal.com";
                        // Configure Bearer token for authorization: rest_api_key
                        config.AccessToken = "YOUR_REST_API_KEY";

                        var apiInstance = new DefaultApi(config);
                        var appId = "00000000-0000-0000-0000-000000000000";  // string | The OneSignal App ID for your app.  Available in Keys & IDs.
                        var notificationId = "b3a0c8bd-3a4c-4b22-9a73-3f1a8c2d1b88";  // string | The id of the message found in the creation notification POST response, View Notifications GET response, or URL within the Message Report.
                        var token = "YOUR_TOKEN_ID";  // string | The unsubscribe token that is generated via liquid syntax in {{subscription.unsubscribe_token}} when personalizing an email.

                        try
                        {
                            // Unsubscribe with token
                            GenericSuccessBoolResponse result = apiInstance.UnsubscribeEmailWithToken(appId, notificationId, token);
                            Debug.WriteLine(result);
                        }
                        catch (ApiException  e)
                        {
                            Debug.Print("Exception when calling DefaultApi.UnsubscribeEmailWithToken: " + e.Message );
                            Debug.Print("Status Code: "+ e.ErrorCode);
                            // e.ErrorMessages flattens any error-envelope shape to an IReadOnlyList<string>;
                            // the raw body remains on e.ErrorContent.
                            Debug.Print("Error Messages: " + string.Join(", ", e.ErrorMessages));
                            Debug.Print("Response Body: " + e.ErrorContent);
                            Debug.Print(e.StackTrace);
                        }
                    }
                }
            }
        - lang: rust
          label: Rust SDK
          source: |-
            use onesignal_rust_api::apis::configuration::Configuration;
            use onesignal_rust_api::apis::default_api;


            #[tokio::main]
            async fn main() {
                let mut configuration = Configuration::new();
                configuration.rest_api_key_token = Some("YOUR_REST_API_KEY".to_string());


                // Realistic values are pulled from the spec's `example:` fields where present.
                let app_id: &str = "00000000-0000-0000-0000-000000000000";
                let notification_id: &str = "b3a0c8bd-3a4c-4b22-9a73-3f1a8c2d1b88";
                let token: &str = "YOUR_TOKEN_ID";

                match default_api::unsubscribe_email_with_token(&configuration, app_id, notification_id, token).await {
                    Ok(resp) => println!("{:?}", resp),
                    Err(e @ onesignal_rust_api::apis::Error::ResponseError(_)) => {
                        // `e.error_messages()` flattens any error-envelope shape to a Vec<String>;
                        // the raw response remains on the ResponseError variant.
                        eprintln!("unsubscribe_email_with_token failed: {:?}", e.error_messages());
                    }
                    Err(e) => eprintln!("unsubscribe_email_with_token failed: {:?}", e),
                }
            }
components:
  schemas:
    BasicErrorResponse:
      type: object
      properties:
        errors:
          type: array
          items:
            type: string
          description: One or more human-readable error messages.
        success:
          type: boolean
          description: >-
            Present (and `false`) on some endpoints (notifications, templates,
            segments). Not emitted by every endpoint.
        reference:
          type: array
          items:
            type: string
          description: >-
            Documentation URL fragments related to the error. Only emitted by
            the API-key auth error helpers.
    StructuredErrorResponse:
      type: object
      properties:
        errors:
          type: array
          items:
            $ref: '#/components/schemas/StructuredErrorItem'
    StructuredErrorItem:
      type: object
      required:
        - code
        - title
      properties:
        code:
          type: string
          description: >-
            Stable error-code identifier. Use this for programmatic branching in
            your integration.
        title:
          type: string
          description: >-
            Human-readable error message intended for logs and operator-facing
            surfaces.
        meta:
          type: object
          additionalProperties: true
          description: >-
            Optional structured details about this specific error. The shape of
            `meta` varies by `code` — for example, the create-user `Conflict`
            code returns `{ conflicting_aliases: { [alias_label]: alias_id } }`.

````