Developer

Appearance

Authentication ​

Authenticate your API calls by including your API key in the Authorization header of each request to our API endpoints.

💡 Remember!

You manage your API keys from your Cecula DartPro dashboard.

Types of API Keys ​

We provide a Sandbox and a Live API Key.

  • Sandbox Key: Use this key to test your integration without incurring charges or sending actual SMS messages. It is useful during the integration process to verify your setup before going live.

  • Live Key: Use this key for production. It allows you to send real SMS messages and interact with the live environment.

How to Obtain Your API Key ​

To get your API key from Cecula DartPro, follow these steps:

  1. Login

  2. Navigate to A2P SMS Settings

    • Go to Settings and select A2P SMS.

  3. Choose Your API Key

    • You’ll find two keys:
      • Sandbox: For testing.
      • Live: For production.
    • Copy the appropriate key.

How to Authenticate ​

All requests to the API must include the following headers:

  1. Authorization: A Bearer token is required for authorization.
    • Format: Bearer YOUR_API_KEY
  2. Content-Type: All requests should specify the content type as JSON.
    • Content-Type: application/json

Example Request ​

Here is an example of how to structure a request using curl:

bash
curl -X GET https://app.cecula.com/api/your-endpoint \
     -H "Authorization: Bearer YOUR_API_KEY" \
     -H "Content-Type: application/json"

All requests must be made over HTTPS.

Headers: ​

HeaderValue
AuthorizationBearer YOUR_API_KEY
Content-Typeapplication/json

Common Errors ​

  • 401 Unauthorized: Occurs when the Authorization header is missing or incorrect.
  • 400 Bad Request: Happens when the Content-Type is not set to application/json.

Protecting your API Key ​

When integrating with our API, it's crucial to handle your API keys securely. Below are key best practices to ensure the protection and proper management of your API keys:

  • Do Not Expose Keys: API keys should never be exposed in publicly accessible code repositories, frontend code (JavaScript files served to browsers), or shared environments. This includes avoiding the inclusion of API keys in client-side code or committing them to version control systems like Git.

  • Use Environment Variables: Store your API keys securely using environment variables in your backend applications or deployment pipelines. This helps keep your keys safe from unauthorized access.

    Plaintext
    API_KEY=YOUR_API_KEY

    In your application code, access the key using environment variables:

    Javascript
    const apiKey = process.env.API_KEY;