Integration
How to integrate Business Messaging API?
SDKs
Several SDKs are available to get you started with your API integration.
- Node.js NPM package GitHub
- PHP Composer package GitHub
- Java Text SDK GitHub
- .NET NuGet Text SDK GitHub
- Python Text SDK GitHub
API endpoints
We recommend that all our customers utilize our global endpoint, which is globally load-balanced across all our platform locations. Geo-based routing allows us to select the optimal platform based on your location, ensuring high availability and security through our partner, Cloudflare.
- Recommended Global endpoint via Cloudflare: https://gw.messaging.cm.com/v1.0/message
Sub-processing by Cloudflare, Inc.
If you use the Global endpoint via Cloudflare, you agree that Cloudflare, Inc. located in the USA is engaged as a Sub-processor under the Agreement, for an overview of our Sub-processors please see: https://www.cm.com/cdn/web/file/subprocessors.pdf.
More information can be found in our Help Center.
- Global endpoint via Cloudflare:
https://gw.messaging.cm.com/v1.0/message
- Global Endpoint URL:
https://gw.cmtelecom.com/v1.0/message
- China mainland Endpoint URL:
https://gw-cn.cmtelecom.com/v1.0/message
- Hong Kong Endpoint URL:
https://gw-hk.cmtelecom.com/v1.0/message
Our API supports sending messages via HTTP. You can send a POST request containing a JSON or XML body. We strongly advise that you use JSON. The newer communication channels like RCS, WhatsApp, and Viber are only supported via JSON. There is extra information and examples about XML, SMPP and GET in our API documentation.
Authentication / Authorization
All requests require your product token which, as a registered user, you can find on our platform in the Channels app or for older SMS accounts in the Gateway app.
Keep your product token secret
Your product token is private information and should never be incorporated into webpages and/or mobile applications where it can be exposed to 3rd parties.
Encryption
Security protocols
Older security protocols such as TLSv1.1, TLSv1.0 and SSLv3 are not supported.
Communication with the CM.com servers should be done using the TLS cryptographic protocol, version 1.2 or higher.
When making use of the WhatsApp Business API solution messages are encrypted on our platform. In our WhatsApp implementation guide we explain how this works. Encryption is a mandatory WhatsApp feature, implemented by CM.com. You don't have to do anything to manually enable this, as it is part of the the WhatsApp account creation process.
Receiving messages
When implementing communication channels like WhatsApp, that allow conversations with for instance a Bot or Service employee, there will be data flows from your systems (outbound/outgoing) as well as data which needs to be sent to your systems (inbound/incoming/MO).
To receive incoming messages (MO), you need to set a webhook and map the incoming API in your system. More information can be found in the API documentation of the Inbound webhook
Updated 23 minutes ago