๐ Authentication
The Whatspie API uses Bearer Token Authentication for secure access to all endpoints. This streamlined authentication system is designed for enterprise applications with enhanced security features.
๐ก๏ธ Security First
All API requests are authenticated using Bearer tokens with automatic rate limiting and request validation to ensure your application's security.
๐ฏ Authentication Overviewโ
Whatspie API uses a simple yet secure authentication method:
- Get your API Token from your Whatspie dashboard -> Developers or this link https://app.whatspie.com/profile?tab=developer
- Include the token in the
Authorizationheader for all requests - Start using the API immediately with full access to all features
๐ Required Headersโ
Every API request must include these headers:
| Header | Value | Description |
|---|---|---|
Authorization | Bearer YOUR_API_TOKEN | Your unique API authentication token |
Content-Type | application/json | Request content type |
Accept | application/json | Expected response format |
๐ Authentication Exampleโ
Basic Request Structureโ
curl -X POST "https://api.whatspie.com/messages" \
-H "Authorization: Bearer YOUR_API_TOKEN" \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-d '{
"device": "6281234567890",
"receiver": "6289876543210",
"type": "chat",
"params": {
"text": "Hello World!"
},
"simulate_typing": 1
}'
๐ Getting Your API Tokenโ
From Whatspie Dashboardโ
To obtain your API token, follow these steps:
- Login to your Whatspie dashboard at https://app.whatspie.com
- Navigate to the Developers section in the sidebar, or go directly to your Profile โ Developer tab: https://app.whatspie.com/profile?tab=developer
- Copy your API Token from the Developer credentials section
- Use this token in all API requests
๐ Quick Access: You can find your API token in the sidebar under Developers or by visiting your Profile โ Developer tab.
Token Storageโ
- Store tokens securely in your application
- Never expose tokens in client-side code or logs
- Use environment variables for production deployments
๐ก๏ธ Security Best Practicesโ
- Secure Storage: Store API tokens securely using environment variables
- HTTPS Only: Always use HTTPS in production environments
- Token Protection: Never expose tokens in client-side code or logs
- Rate Limiting: Respect API rate limits to avoid temporary blocks
- IP Restrictions: Consider restricting API access to specific IP addresses
Error Handlingโ
Common Authentication Errorsโ
401 Unauthorizedโ
{
"code": 401,
"message": "Unauthorized"
}
Solutions:
- Verify your API token is correct
- Ensure the token is properly formatted in the Authorization header
- Check if your token has been revoked or expired
403 Forbiddenโ
{
"code": 403,
"message": "Forbidden"
}
Solutions:
- Verify your account has the required permissions
- Check if your subscription plan supports the requested feature
- Ensure your account is active and in good standing
๐งช Testing Authenticationโ
You can test your authentication setup using curl:
# Test with your API token
curl -X POST "https://api.whatspie.com/messages" \
-H "Authorization: Bearer YOUR_API_TOKEN" \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-d '{
"device": "6281234567890",
"receiver": "6289876543210",
"type": "chat",
"params": {
"text": "Test message from API! ๐งช"
},
"simulate_typing": 1
}'
Environment Variable Setupโ
# Set your API token as environment variable
export WHATSPIE_API_TOKEN="your_actual_token_here"
# Use in curl request
curl -X POST "https://api.whatspie.com/messages" \
-H "Authorization: Bearer $WHATSPIE_API_TOKEN" \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-d '{"device":"6281234567890","receiver":"6289876543210","type":"chat","params":{"text":"Hello World!"}}'
Next Stepsโ
Once you have successfully authenticated, you can:
- Connect your WhatsApp device using QR codes
- Send messages to contacts
- Manage groups and participants
Remember to handle token expiration gracefully in your application and implement proper error handling for authentication failures.