Authentication

The WhatsApp API uses Basic Authentication for all requests. You'll need your API Key and API Secret to authenticate.

Getting Your Credentials

Read Generating API Keys guide to learn how to generate and manage your API keys.

Basic Auth Setup

Authorization: Basic base64(api_key:api_secret)

Required Headers

Authorization: Basic <encoded_credentials>
Content-Type: application/json

API Key Types

SMSLeopard provides two types of API keys for different use cases:

1. Sandbox API Key

Purpose: Testing and development
Behavior: Simulates API responses without sending actual messages
Billing: No charges applied to sandbox requests
Use Case: Perfect for testing your integration

Sandbox keys return realistic responses but don't deliver actual WhatsApp messages.

2. Production API Key

Purpose: Live message delivery
Behavior: Sends actual WhatsApp messages to recipients
Billing: All requests are billed according to your pricing plan
Use Case: Production applications and live messaging

⚠️

Production API keys will charge your account for each message sent. Always test with sandbox keys first.

Authentication Examples

curl -X GET "https://whatsapp.smsleopard.com/v1/phone_number_ids" \
  -H "Authorization: Basic $(echo -n 'your_api_key:your_api_secret' | base64)" \
  -H "Content-Type: application/json"

Security Best Practices

Never expose credentials in client-side code
Use environment variables to store API keys
Use sandbox keys for all testing and development
Rotate API keys regularly for enhanced security
Monitor API usage to detect unauthorized access

Overview Phone Numbers