Integration

How to integrate Business Messaging API?

SDKs

Several SDKs are available to get you started with your API integration.

API endpoints

We recommend that all our customers utilize our global endpoint, which is globally load-balanced across all our platform locations. Geo-based routing allows us to select the optimal platform based on your location, ensuring high availability and security through our partner, Cloudflare.

🚧

Sub-processing by Cloudflare, Inc.

If you use the Global endpoint via Cloudflare, you agree that Cloudflare, Inc. located in the USA is engaged as a Sub-processor under the Agreement, for an overview of our Sub-processors please see: https://www.cm.com/cdn/web/file/subprocessors.pdf.

More information can be found in our Help Center.

  • Global endpoint via Cloudflare: https://gw.messaging.cm.com/v1.0/message
  • Global Endpoint URL: https://gw.cmtelecom.com/v1.0/message
  • China mainland Endpoint URL: https://gw-cn.cmtelecom.com/v1.0/message
  • Hong Kong Endpoint URL: https://gw-hk.cmtelecom.com/v1.0/message

Our API supports sending messages via HTTP. You can send a POST request containing a JSON or XML body. We strongly advise that you use JSON. The newer communication channels like RCS, WhatsApp, and Viber are only supported via JSON. There is extra information and examples about XML, SMPP and GET in our API documentation.

Authentication / Authorization

All requests require your product token which, as a registered user, you can find on our platform in the Channels app or for older SMS accounts in the Gateway app.

❗️

Keep your product token secret

Your product token is private information and should never be incorporated into webpages and/or mobile applications where it can be exposed to 3rd parties.

Encryption

🚧

Security protocols

Older security protocols such as TLSv1.1, TLSv1.0 and SSLv3 are not supported.

Communication with the CM.com servers should be done using the TLS cryptographic protocol, version 1.2 or higher.

When making use of the WhatsApp Business API solution messages are encrypted on our platform. In our WhatsApp implementation guide we explain how this works. Encryption is a mandatory WhatsApp feature, implemented by CM.com. You don't have to do anything to manually enable this, as it is part of the the WhatsApp account creation process.

Receiving messages

When implementing communication channels like WhatsApp, that allow conversations with for instance a Bot or Service employee, there will be data flows from your systems (outbound/outgoing) as well as data which needs to be sent to your systems (inbound/incoming/MO).

To receive incoming messages (MO), you need to set a webhook and map the incoming API in your system. More information can be found in the API documentation of the Inbound webhook