Overview

Send and receive messages globally over SMS, RCS, WhatsApp, Viber Business, Facebook messenger and other popular channels using the Sinch Conversation API.

The Conversation API endpoint uses built-in transcoding to give you the power of conversation across all supported channels and, if required, full control over channel specific features.

Download the OpenAPI specification here.

Authentication

The Conversation API uses OAuth2 Access Tokens to authenticate API calls. The first step to obtaining an Access Token is to create an Access Key in the Sinch Customer Dashboard under Settings -> Access Keys. A client_id and client_secret will be provided when creating an Access Key in the portal. The project ID will also be visible on the Access Key page in the portal. The created Access Key can be used in the different authentication flows in both regions. The following snippet illustrates how to obtain an Access Token that can be used to authenticate towards the Conversation API.

To get an OAuth token, you will post your client_id and secret to the Sinch endpoint:

curl https://auth.sinch.com/oauth2/token -d grant_type=client_credentials --user <client_id>:<client_secret>

A call to the Conversation API, in the US, can then be done by including the obtained Access Token in the request header. See below for an example:

curl -H "Authorization: Bearer <access token>" \
 https://us.conversation.api.sinch.com/v1/projects/<Project ID>/apps

To use Basic authentication, use your client_id as the basic auth username and your secret as the password. Basic authentication towards the Conversation API in the EU is also possible since the created Access Key is valid for the EU region as well.

curl https://us.conversation.api.sinch.com/v1/projects/<Project ID>/apps --user <client_id>:<client_secret>

Postman collection

Sinch offers a Postman collection for easy setup and testing during development. For ease of use, follow the next link Postman Collection, into a Firefox browser or, use the Import option in Postman.

After importing the collection, fill in the following variables:

For testing purposes, fill the WEBHOOK_URL by visiting https://webhook.site/ and use the generated link - the one under the Your unique URL label.

Values for other variables can be obtained by calling corresponding requests:

• CONTACT - ID of contact created by calling **Create contact** request.
• WEBHOOK_ID - ID of webhook created by calling **Create webhook** request.
• CONVERSATION - a Conversation is created automatically when sending a new message. For example, with a Text Message request, send a message, then call [List conversations](https://developers.sinch.com/reference#conversation_listconversations) to get the ID of the conversation for this variable.

Errors

When requests are erroneous, the Sinch Conversation API will respond with standard HTTP status codes, such as 4xx for client errors. All responses include a JSON body of the form:

{
  "error": {
    "code": 401,
    "message": "Request had invalid credentials.",
    "status": "UNAUTHENTICATED",
    "details": [{
      "@type": "type.googleapis.com/google.rpc.RetryInfo",
      ...
    }]
  }
}

The table below describes the fields of the error object:

Common error responses

Rate Limits

Conversation API has two kinds of rate limits that may result in status 429 Too Many Requests:

• Projects are limited to 200 requests per second across all apps and all endpoints. If more than 200 requests are made in one second, requests beyond the 200th may be rejected.
• Apps have a maximum MT queue size of 50000 messages, which are consumed at a rate of 25 messages per second by default. Performing over 25 requests per second over an extended period of time may fill up the queue and result in rate limiting.

For more information about raising these limits, please contact your Sinch account manager.

Next Steps

To get started sending and receiving messages, follow the guide below: