Introduction

SMS.to API is created for developer by developers. In this guide we will try to be explicit as much as possible as well to make usage of API simple and get you ready to start within minutes.

Security - Quality - Stability - Availability

Security

Our platform accept only secured traffic over HTTPS protocol. Unencrypted traffic is redirected or rejected. Make sure to always configure and use HTTPS protocol in comunication with our platform.

Infrastructure / System Availability

Platform is hosted by one of Top 3 European hosting providers that own couple of data centers across Europe. Infrastructure was built using latest container and micro-services concepts driven by most well-known Container Orchestrator. It run under a mix of Cloud Instance and Dedicated Bare Metal servers, this allow platform to scale very fast ( < 30sec ) when need.

Network

When come to network, we always choose Premium and Dedicated Bandwidth from our hosting to always have the best latency. Cloud instances and dedicated servers are equipped with 10Gbit Port. DDoS protection is handled by Data Center that is able to apply scrubbing filters or null-route.

Application Lifecycle

To begin you need an SMS.to account and to create an OAuth2.0 Authorisation Key. We intend to build strong long-term relations with our clients and enable the usage of our API's to simplify business communications. Typically our systems undergo continuous investment and 2 week releases of new versions or features. Thank you for investing in our services, we will keep improving.

Law and Regulation

We are an EU based company. Currently we are undergoing the process of undertaking different privacy and security certifications to improve compliance for our customers. Although we are an International Organisation with many local offices, our home base is located in the EU. Thus, we follow strict rules for data and telecommunications in order to protect civil rights and privacy. Our security policy is approved under EU laws. Read our GDPR Policy here. Your data and your clients are protected.

Overview

In order to use API, you must obtain a API Client ID and Secret. To get these, please login into SMS.to web application and go to your API Dashboard. Click on Create Client button or use an existing client, if you have any.

When you create a new client you have to provide only a name just to remember later and to organize different clients that you will create.

After creating a client the system will provide a Client ID and a Client Secret which are necessary to continue making requests to our API.

Authentication

We are using OAuth 2.0 protocol. After getting a CLIENT ID and SECRET you will use them to generate an access token so you can be authorized to make requests to our API.

To request an access-token you will need to make a POST request to this endpoint: https://api.sms.to/v1/oauth/token with the following body parameters:

{
    "grant_type": "password",
    "client_id": xyz,
    "client_secret": "xxyyzzxxyyzzxxyyzzxxyyzzxxyyzzxxyyzz",
    "username": "your@email.com",
    "password": "your-password",
    "scope": "*"
}

The response will be:

{
    "token_type": "Bearer",
    "expires_in": "xyzxyz",
    "access_token": "xyzxyzxyzxyzxyzxyzxyzxyzxyzxyzxyzxyzxyzxyzxyz",
    "refresh_token": "xyzxyzxyzxyzxyzxyzxyzxyzxyzxyzxyzxyzxyzxyzxyz"
}

You will need to use that access_token in every request that you will do over API as an Authorization header. As in the below example:

Authorization: Bearer xyzxyzxyzxyzxyzxyzxyzxyzxyzxyzxyzxyzxyzxyzxyz

Request Headers

In every request that you will do to the API, it's required to include the Authorization and Accept headers. As in the below example:

Authorization: Bearer xyzxyzxyzxyzxyzxyzxyzxyzxyzxyzxyzxyzxyzxyzxyz
Accept: application/json

Error Codes

What errors and status codes can a user expect?

Error codes Error Code description
200 (OK) The operation was completed successfully
401 (NOT_AUTHENTICATED) No access token provided or the access token has expired
404 (NOT_FOUND) Something that was requested wasn't found. For example, if we want to retrieve information about a specific entity with an id and the id doesn't exist.
422 (UNPROCESSABLE_ENTITY) Unprocessable Entity
500 (INTERNAL_SERVER_ERROR) An internal error occured (our system is down or we have a bug)

Response Format

The response format depends by the request, because some of them include some extra fields. The general response format will be:

{
    "success": true,
    "message": "Action performed successfully."
    "data": ["depends": "by request"]
    "errors": {
        "validation-field-name": ["Validation error message here."]
    }
}

results matching ""

    No results matching ""