Guides
Last updated
July 25, 2025

5 Ways to Implement Email Validation with Joi

Nicolas Rios
Nicolas Rios
Table of Contents:
ON THIS PAGE
Get your free
email validation
 API key now
stars rating
4.8 from 1,863 votes
See why the best developers build on Abstract
START FOR FREE
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
No credit card required

Ensuring data quality often starts with proper email validation in Joi. We'll walk through five different implementation methods, providing working code for each. After examining the pitfalls of these traditional techniques, we will see how Abstract API addresses their shortcomings.

How to Implement Email Validation in Joi

Joi offers several built-in methods to validate email addresses. Each approach provides a different level of control over the validation rules, from basic syntax checks to more specific configurations.

Vanilla Joi.string().email()

The most direct method uses Joi’s standard email validation. This function employs an RFC-compliant parser from the @hapi/address module to check the email's syntax. It also consults the official IANA Top-Level Domain (TLD) list.

If a bundler removes this list, Joi may return a “Built-in TLD list disabled” error. You can find more details in the Joi documentation and on this GitHub issue.

const schema = Joi.string().email();

Explicit TLD Configuration

This method gives you direct control over which TLDs to accept. You can provide an allow list or disable the TLD check completely. The `minDomainSegments` option ensures an address has a minimum number of domain parts, so `foo@bar` fails while `foo@bar.com` passes.

According to a Stack Overflow discussion, `tlds: false` is the documented workaround when the TLD list is not available in the browser, as noted in the official API docs.

const schema = Joi.string().email({
  tlds: { allow: ['com', 'net', 'io'] },
  minDomainSegments: 2
});

Refined Length, Unicode, and FQDN Rules

Joi allows for more granular control over email validation rules. You can adjust settings for character types, length, and domain format. Here is a breakdown of the options:

  • allowUnicode: false: This option blocks non-ASCII characters in either the local or domain part of the email. This is often a requirement for legacy systems.
  • ignoreLength: false: This enforces the 254-character hard limit for email addresses.
  • allowFullyQualified: true: This option permits a trailing dot in the domain name, which supports certain internal DNS workflows. More information is available in the Joi API documentation and a related GitHub discussion.
const schema = Joi.string().email({
  allowUnicode: false,
  ignoreLength: false,
  allowFullyQualified: true
});

Custom Rule with @hapi/address

For more advanced cases, you can create a custom validation rule. This approach uses `Address.analyzeEmail`, the same evaluation tool Joi uses internally. The function returns a specific failure code if the email is invalid, which you can translate into a custom error message.

When you wrap this logic in a `custom()` method, you can chain additional checks, such as a company-specific blocklist. The @hapi/address documentation provides further details.

const Address = require('@hapi/address');
const emailSchema = Joi.string().custom((value, helpers) => {
  const error = Address.analyzeEmail(value, { tlds: { allow: true } });
  if (error) return helpers.error('string.email', { value });
  return value;
});

Challenges of Joi Email Validation

While Joi provides useful tools for basic email validation, its syntax-first approach presents several practical limitations. These drawbacks often force developers to implement workarounds or accept a lower standard of data quality.

  • The vanilla Joi.string().email() method rejects email addresses that contain UTF-8 characters in the local part. This limitation makes it incompatible with modern international standards, as it fails to validate many legal, non-ASCII addresses.
  • Joi's validator does not handle Punycode translation for internationalized domain names. As a result, native-script domains fail validation unless developers pre-encode them, which adds an extra step to the process and complicates the validation logic.
  • By default, Joi.string().email() permits addresses without a top-level domain, like "user@local". To enforce a TLD, you must add extra configuration like minDomainSegments, which creates unintuitive defaults and potential maintenance friction.
  • All Joi methods, including custom rules, only assert syntax correctness. They cannot determine actual mailbox deliverability, so an address that passes validation may still bounce due to provider policies or because it is a disposable domain.

Validate Emails with Abstract API.
Ensure data integrity in your Joi projects by implementing robust and accurate email validation.
Get started for free

How Abstract API Handles Email Validation in Joi

Abstract API addresses the core weaknesses of traditional validation methods. It adds real-time, network-level intelligence to the process.

  • It performs real-time MX record lookups and SMTP handshakes to confirm an email address can receive mail.
  • The service detects and flags disposable, role-based, or catch-all addresses that regex-based checks miss.
  • It provides typo autocorrection for common user input errors.
  • The API returns a single deliverability status and a quality score for a clear, actionable verdict on each email.

How to Add Abstract API to Your Dev Environment

Once you know Abstract’s capabilities, to add its email validation API to your project is simple.

  • Install the necessary packages with the command: npm install joi axios dotenv.
  • Sign up at Abstract API and get your email validation API key from the dashboard.
  • Add your key to a .env file with the variable ABSTRACT_EMAIL_KEY and load it.
import Joi from 'joi';
import axios from 'axios';

const emailSchema = Joi.string().email().external(async (value, helpers) => {
  const { data } = await axios.get('https://emailvalidation.abstractapi.com/v1/', {
    params: { api_key: process.env.ABSTRACT_EMAIL_KEY, email: value }
  });
  if (data.deliverability !== 'DELIVERABLE' || data.is_disposable_email.value) {
    throw helpers.error('any.invalid', { message: 'Undeliverable or disposable email' });
  }
  return value;
});
export default emailSchema;

Sample Email Validation Implementation with Abstract API

The code above shows how to integrate Abstract API inside a Joi schema. It uses Joi’s async external hook to call the API for each email address that passes the initial format check. The validator checks the API response. If the deliverability status is not DELIVERABLE or if the email is a disposable address, the validator throws an error. Otherwise, the email passes validation.

For a valid email, the API returns a detailed JSON object:

{
  "email": "johnsmith@gmail.com",
  "autocorrect": "",
  "deliverability": "DELIVERABLE",
  "quality_score": 0.90,
  "is_valid_format": { "value": true,  "text": "TRUE" },
  "is_free_email":  { "value": true,  "text": "TRUE" },
  "is_disposable_email": { "value": false, "text": "FALSE" },
  "is_role_email":  { "value": false, "text": "FALSE" },
  "is_mx_found":    { "value": true,  "text": "TRUE" },
  "is_smtp_valid":  { "value": true,  "text": "TRUE" }
}

The response provides a clear verdict. The deliverability field gives a single state, so your validator can block anything except DELIVERABLE. Other fields like is_disposable_email and is_role_email let you reject temporary or group addresses, while is_mx_found and is_smtp_valid confirm the mail server can receive mail.

Final Thoughts

Traditional Joi validation only matches syntax patterns, a method that fails to detect typos, disposable addresses, or confirm if an inbox can receive mail. Abstract API closes these gaps with real-time network checks that confirm deliverability. For reliable user email validation, consider an account on Abstract API to get your free API key.

Validate Emails with Abstract API.
Protect your application and improve data quality by adding email validation to your Joi schemas.
Get started for free

Related Articles

Phone Validation
key now
Get your free
stars rating
4.8 from 1,863 votes
See why the best developers build on Abstract
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
No credit card required