Locate your Site ID and API Key in the Customer.io dashboard under Settings > Account Settings > API Credentials; these are used for the Track API (behavioral data ingestion).
Identify or create a person by sending a PUT or POST request to https://track.customer.io/api/v1/customers/{customer_id} with Basic auth (site_id as username, api_key as password) and a JSON body of attributes.
Track an event by POSTing to https://track.customer.io/api/v1/customers/{customer_id}/events with the event name and optional data object.
For transactional sends, use the Transactional API (separate base URL https://api.customer.io/v1/send/email) with a Bearer token (generated from App API Keys, not the Track API key) and a body specifying transactional_message_id, to, and identifiers.
Verify delivery by checking the Activity Log in the Customer.io dashboard or using the Reporting API under https://api.customer.io/v1/.
Known gotchas
Customer.io uses two separate APIs with different base URLs and different auth mechanisms: the Track API (track.customer.io) uses HTTP Basic auth with Site ID/API key, while the App API (api.customer.io) uses Bearer tokens — mixing these up causes 401 errors.
Deleting a customer via the API permanently removes all their data and suppresses future messages to that identifier; this action is irreversible and should not be used for simple opt-outs.
Timestamps for events must be Unix timestamps (seconds); sending millisecond timestamps causes events to be placed far in the future, breaking time-based campaign triggers.
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp