Overview

Send and receive messages globally over SMS, RCS, WhatsApp, Viber Business, Facebook messenger and other popular channels using the Sinch Conversation API.

The Conversation API endpoint uses built-in transcoding to give you the power of conversation across all supported channels and, if required, full control over channel specific features.

Download the OpenAPI specification here.

Authentication

OAuth2.0 authentication

Achieve more secure API authentication with OAuth 2.0 access tokens.

Access tokens are short lived. Typically, they will only last one hour. This is done to keep your data (and ours) safer.

In exchanging credentials, you'll get a long string called an access token. This access token will serve as your bearer token in the authorization header of API calls.

There are two pieces of information needed to obtain an access token: the key ID and key secret corresponding to your project ID.

To get an access token, do the following:

1. Login to the Sinch Client Dashboard to get your access keys. If you're using the beta version of our dashboard, click here instead.
2. Click on New Key and when prompted, enter a display name, then click Confirm.

   Does it have to be a new key?

   Not at all. If you have existing credentials saved, feel free to use them.

3. A Key ID and Key Secret will display. Save the project ID, key ID, and key secret someplace safe.

   Important:

   The key secret is only viewable at the time of initial creation.

   If you accidentally misplace they key secret, no worries! Create a new key.

4. Using the following curl command, get your access token using the key ID and key secret.
   Copy

   Copied

   curl https://auth.sinch.com/oauth2/token \
   -d grant_type=client_credentials \
   -u YOUR_Key_ID:YOUR_Key_Secret

5. You'll see your new access token in the response. Now you're ready to use this token on calls to the API. The access token will be useable for one hour.

Basic authentication

Basic authentication is sent in the authorization header with each call.

No matter the programming language, there are three main components for successful basic authentication in a request:

• The designation of authorization type, which is basic
• The username, which in Sinch's case is YOUR_Key_ID, corresponding to your project
• The password, which is YOUR_Key_Secret, again, corresponding to the project

To use basic auth in an API call, do the following:

1. First, create a new access key in the Customer Dashboard by clicking New Key.If you are using the beta version of the Customer Dashboard, create a new access key here instead.
2. Copy your project ID, key ID, and key secret.

   Important:

   Keep your key secret somewhere safe as it is only viewable upon initial project creation. The project ID and key ID are always readily available in the Customer Dashboard. If you misplace your key secret, simply generate a new key!

3. Use your key ID as the username (sometimes called the client_id) and your key secret as the password (can be referred to as the client_secret) in every call made to a Sinch API.

Base URL

The following URLs can be used when making calls to the Conversation API (or Template Management API, which is used in coordination with the Conversation API).

Note that, when making a call to the Conversation API or Template Management API, you must target the regional server that corresponds to the region in which you created your Conversation API app.

Postman collection

Sinch offers a Postman collection for easy setup and testing during development. For ease of use, follow the next link Postman Collection, into a Firefox browser or, use the Import option in Postman.

After importing the collection, fill in the following variables:

For testing purposes, fill the WEBHOOK_URL by visiting https://webhook.site/ and use the generated link - the one under the Your unique URL label.

Values for other variables can be obtained by calling corresponding requests:

• CONTACT - ID of contact created by calling **Create contact** request.
• WEBHOOK_ID - ID of webhook created by calling **Create webhook** request.
• CONVERSATION - a Conversation is created automatically when sending a new message. For example, with a Text Message request, send a message, then call [List conversations](https://developers.sinch.com/reference#conversation_listconversations) to get the ID of the conversation for this variable.

Errors

{
  "error": {
    "code": 401,
    "message": "Request had invalid credentials.",
    "status": "UNAUTHENTICATED",
    "details": [{
      "@type": "type.googleapis.com/google.rpc.RetryInfo",
      ...
    }]
  }
}

The table below describes the fields of the error object:

Common error responses

Rate Limits

• Conversation API apps have a maximum MT ingress queue size of 500000 messages, which are drained towards the channel at a rate of 20 messages per second by default (this rate may be higher if the channel has been purchased with a higher capacity).
• Projects are limited to 800 requests per second across all apps and most endpoints. Making over 800 requests per second over an extended period of time may saturate the app-specific ingress queue, resulting in rate limiting.