Overview
Send and receive messages globally over SMS, RCS, WhatsApp, Viber Business, Facebook messenger and other popular channels using the Sinch Conversation API.
The Conversation API endpoint uses built-in transcoding to give you the power of conversation across all supported channels and, if required, full control over channel specific features.
Download the OpenAPI specification here.
Authentication
The Conversation API uses OAuth2 Access Tokens to authenticate API calls. The first step to obtaining an Access Token is to create an Access Key in the Sinch Customer Dashboard under Settings -> Access Keys. A client_id and client_secret will be provided when creating an Access Key in the portal. The project ID will also be visible on the Access Key page in the portal. The created Access Key can be used in the different authentication flows in both regions. The following snippet illustrates how to obtain an Access Token that can be used to authenticate towards the Conversation API.
To get an OAuth token, you will post your client_id and secret to the Sinch endpoint:
curl https://auth.sinch.com/oauth2/token -d grant_type=client_credentials --user <client_id>:<client_secret>A call to the Conversation API, in the US, can then be done by including the obtained Access Token in the request header. See below for an example:
curl -H "Authorization: Bearer <access token>" \
https://us.conversation.api.sinch.com/v1/projects/<Project ID>/appsclient_id as the basic auth username and your secret as the password. Basic authentication towards the Conversation API in the EU is also possible since the created Access Key is valid for the EU region as well.curl https://us.conversation.api.sinch.com/v1/projects/<Project ID>/apps --user <client_id>:<client_secret>Postman collection
Sinch offers a Postman collection for easy setup and testing during development. For ease of use, follow the next link Postman Collection, into a Firefox browser or, use the Import option in Postman.
After importing the collection, fill in the following variables:
| Variable | Value |
|---|---|
PROJECT | Your PROJECT ID |
APP | Your app ID |
CLIENT_ID | Your CLIENT_ID |
CLIENT_SECRET | Your client secret |
For testing purposes, fill the WEBHOOK_URL by visiting https://webhook.site/ and use the generated link - the one under the Your unique URL label.
Caution:
The https://webhook.site/ URL given above should only be used for testing purposes. Using the Conversation API can generate high volumes of callbacks, which can easily exceed the TPS limits of certain webhook services. Additionally, sensitive information may be included in the callback, including message content and contact information. Ensure that you use a scalable and secure callback/webhook processor after your initial testing is complete.
Values for other variables can be obtained by calling corresponding requests:
CONTACT- ID of contact created by calling **Create contact** request.WEBHOOK_ID- ID of webhook created by calling **Create webhook** request.CONVERSATION- a Conversation is created automatically when sending a new message. For example, with a Text Message request, send a message, then call [List conversations](https://developers.sinch.com/reference#conversation_listconversations) to get the ID of the conversation for this variable.
Errors
When requests are erroneous, the Sinch Conversation API will respond with standard HTTP status codes, such as4xx for client errors. All responses include a JSON body of the form:{
"error": {
"code": 401,
"message": "Request had invalid credentials.",
"status": "UNAUTHENTICATED",
"details": [{
"@type": "type.googleapis.com/google.rpc.RetryInfo",
...
}]
}
}The table below describes the fields of the error object:
| Name | Description | JSON Type |
|---|---|---|
| Code | HTTP status code | Number |
| Message | A developer-facing error message | String |
| Status | Response status name | String |
| Details | List of detailed error descriptions | Array of objects |
Common error responses
| Status | Description |
|---|---|
| 400 | Malformed request |
| 401 | Incorrect credentials |
| 403 | Correct credentials but you don't have access to the requested resource |
| 429 | See Rate Limits. |
| 500 | Something went wrong on our end, try again with exponential back-off |
| 503 | Something went wrong on our end, try again with exponential back-off |
Rate Limits
The Conversation API has two kinds of rate limits that may result in status429 Too Many Requests:- Conversation API apps have a maximum MT ingress queue size of 500000 messages, which are drained towards the channel at a rate of 25 messages per second by default (this rate may be higher if the channel has been purchased with a higher capacity).
- Projects are limited to 800 requests per second across all apps and all endpoints. Making over 800 requests per second over an extended period of time may saturate the app-specific ingress queue, resulting in rate limiting.
In addition to project and app level limitations, each channel also has rate limitations that can affect performance. In some cases (for example, the SMS channel), these rate limits can be adjusted. In others (for example, the Instagram channel), they can't be adjusted. For more information about raising project, app, or channel rate limits, contact your Sinch account manager.
Next Steps
To get started sending and receiving messages, follow the guide below: