# Overview Ready to register your 10DLC brand or campaign or verify your TFN? You're in the right place. a button Download OAS 3.0 Specification ## 10DLC brand and campaign registration In addition to the API, you can also create brands and campaigns on the Sinch [Sinch Build Dashboard](https://dashboard.sinch.com/sms/us-10dlc-campaigns). The following articles are available to walk you through the process on the dashboard: - - [Creating a new 10DLC campaign](https://community.sinch.com/t5/10DLC/Creating-a-new-US-10DLC-Campaign/ta-p/11695) ## Authentication There are two ways to authenticate the Registration API: Basic and OAuth 2.0. The recommended way is via OAuth as it is more secure. ## OAuth2.0 authentication Achieve more secure API authentication with OAuth 2.0 **access tokens**. Access tokens are *short lived*. Typically, they will only last **one hour**. This is done to keep your data (and ours) safer. In exchanging credentials, you'll get a long string called an **access token**. This access token will serve as your bearer token in the authorization header of API calls. **Find your credentials** in the [Sinch Build Dashboard](https://dashboard.sinch.com/settings/access-keys). There are two pieces of information needed to obtain an access token: the **key ID** and **key secret** corresponding to your project ID. To get an access token, do the following: 1. Login to the Sinch Build Dashboard to get your [access keys](https://dashboard.sinch.com/settings/access-keys). 2. Click on **Create Access Key** and when prompted, enter a display name, then click **Confirm**. Not at all. If you have existing credentials saved, feel free to use them. 3. A **Key ID** and **Key Secret** will display. Save the project ID, key ID, and key secret someplace safe. **The key secret is only viewable at the time of initial creation.** If you accidentally misplace they key secret, no worries! Create a new key. 4. Using the following curl command, get your access token using the key ID and key secret. ```curl curl https://auth.sinch.com/oauth2/token \ -d grant_type=client_credentials \ -u YOUR_Key_ID:YOUR_Key_Secret ``` 5. You'll see your new access token in the response. Now you're ready to use this token on calls to the API. The access token will be useable for **one hour.** Short lived The access token is meant to be short lived for enhanced security. Generate one as often as it is necessary. ## Basic authentication [HTTP Basic authentication ](http://en.wikipedia.org/wiki/Basic_access_authentication)works on all Sinch REST APIs. Basic auth is often the preferred option for testing because it is simple and easy to use. Important! Basic authentication is intended for test purposes only, and should only be used for experimenting with APIs and building prototypes. API calls using basic authentication are heavily rate limited, and these limits may change at any time without warning. Production systems should use OAuth access tokens instead. Basic authentication is sent in the authorization header with each call. No matter the programming language, there are three main components for successful basic authentication in a request: - The designation of authorization type, which is `basic` - The `username`, which in Sinch's case is `YOUR_Key_ID`, corresponding to your project - The `password`, which is `YOUR_Key_Secret`, again, corresponding to the project You can view and manage your API credentials [here](https://dashboard.sinch.com/settings/access-keys). Need help? Check out [this article](https://community.sinch.com/t5/Virtual-Numbers/What-is-a-project-and-where-do-I-find-the-key-and-secret/ta-p/8794) for a walk-through on finding your key and secret. To use basic auth in an API call, do the following: 1. First, create a new access key [in the Sinch Build Dashboard](https://dashboard.sinch.com/settings/access-keys) by clicking **Create Access Key**. 2. Copy your **project ID**, **key ID**, and **key secret**. Keep your key secret somewhere safe as it is **only viewable upon initial project creation**. The project ID and key ID are always readily available in the Sinch Build Dashboard. If you misplace your key secret, simply generate a new key! 3. Use your key ID as the username (sometimes called the `client_id`) and your key secret as the password (can be referred to as the `client_secret`) in every call made to a Sinch API. ## Base URL The following URLs can be used by the REST API. | Server | URL | | --- | --- | | HTTP 10DLC API Server (Default(US)) | `http://us10dlc.api.sinch.com` | ## Formats and conventions Let's take a brief look at some of the formats used in the REST API. ### JSON JSON (`application/json`) is the content type of both requests and responses if not otherwise specified. Requests with invalid JSON will be rejected. ### Null values Null values can be omitted in requests and will be omitted in responses. In some cases, explicitly setting `null` will overwrite a previously set value with `null`. ## New features New features might result in additional request and response parameters. New request parameters will either have a default value or be considered optional to retain backwards compatibility. It's highly recommended to ignore any unexpected parameters when reading JSON in API responses and in callback handlers.