Skip to main content
POST
/
v1
/
webhooks
Create webhook
curl --request POST \
  --url https://api.messages.dev/v1/webhooks \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "from": "+15551234567",
  "url": "https://example.com/webhooks",
  "events": [
    "message.received",
    "message.sent"
  ]
}
'
import requests

url = "https://api.messages.dev/v1/webhooks"

payload = {
    "from": "+15551234567",
    "url": "https://example.com/webhooks",
    "events": ["message.received", "message.sent"]
}
headers = {
    "Authorization": "Bearer <token>",
    "Content-Type": "application/json"
}

response = requests.post(url, json=payload, headers=headers)

print(response.text)
const options = {
  method: 'POST',
  headers: {Authorization: 'Bearer <token>', 'Content-Type': 'application/json'},
  body: JSON.stringify({
    from: '+15551234567',
    url: 'https://example.com/webhooks',
    events: ['message.received', 'message.sent']
  })
};

fetch('https://api.messages.dev/v1/webhooks', options)
  .then(res => res.json())
  .then(res => console.log(res))
  .catch(err => console.error(err));
<?php

$curl = curl_init();

curl_setopt_array($curl, [
  CURLOPT_URL => "https://api.messages.dev/v1/webhooks",
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => "",
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 30,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => "POST",
  CURLOPT_POSTFIELDS => json_encode([
    'from' => '+15551234567',
    'url' => 'https://example.com/webhooks',
    'events' => [
        'message.received',
        'message.sent'
    ]
  ]),
  CURLOPT_HTTPHEADER => [
    "Authorization: Bearer <token>",
    "Content-Type: application/json"
  ],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
  echo "cURL Error #:" . $err;
} else {
  echo $response;
}
package main

import (
	"fmt"
	"strings"
	"net/http"
	"io"
)

func main() {

	url := "https://api.messages.dev/v1/webhooks"

	payload := strings.NewReader("{\n  \"from\": \"+15551234567\",\n  \"url\": \"https://example.com/webhooks\",\n  \"events\": [\n    \"message.received\",\n    \"message.sent\"\n  ]\n}")

	req, _ := http.NewRequest("POST", url, payload)

	req.Header.Add("Authorization", "Bearer <token>")
	req.Header.Add("Content-Type", "application/json")

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := io.ReadAll(res.Body)

	fmt.Println(string(body))

}
HttpResponse<String> response = Unirest.post("https://api.messages.dev/v1/webhooks")
  .header("Authorization", "Bearer <token>")
  .header("Content-Type", "application/json")
  .body("{\n  \"from\": \"+15551234567\",\n  \"url\": \"https://example.com/webhooks\",\n  \"events\": [\n    \"message.received\",\n    \"message.sent\"\n  ]\n}")
  .asString();
require 'uri'
require 'net/http'

url = URI("https://api.messages.dev/v1/webhooks")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Post.new(url)
request["Authorization"] = 'Bearer <token>'
request["Content-Type"] = 'application/json'
request.body = "{\n  \"from\": \"+15551234567\",\n  \"url\": \"https://example.com/webhooks\",\n  \"events\": [\n    \"message.received\",\n    \"message.sent\"\n  ]\n}"

response = http.request(request)
puts response.read_body
{
  "id": "<string>",
  "line_ids": [
    "<string>"
  ],
  "url": "<string>",
  "events": [
    "<string>"
  ],
  "secret": "<string>",
  "is_active": true,
  "request_id": "<string>"
}
{
  "error": {
    "type": "invalid_request_error",
    "code": "missing_required_parameter",
    "message": "The 'from' query parameter is required.",
    "param": "from"
  },
  "request_id": "req_abc123"
}
{
  "error": {
    "type": "authentication_error",
    "code": "missing_api_key",
    "message": "Missing Authorization header. Use 'Authorization: Bearer sk_live_...'"
  },
  "request_id": "req_abc123"
}

Authorizations

Authorization
string
header
required

Use an API key as a bearer token: Authorization: Bearer sk_live_...

Each key has a set of scopes that gate which endpoints it can call: messages:read, messages:write, chats:read, lines:read, reactions:read, reactions:write, typing:read, typing:write, receipts:read, receipts:write, webhooks:read, webhooks:write, outbox:read, files:read, files:write. Keys can also be restricted to a subset of lines.

Body

application/json
from
string
required

Line handle (phone number or Apple ID) to subscribe to

Example:

"+15551234567"

url
string<uri>
required

HTTPS URL to receive webhook deliveries

Example:

"https://example.com/webhooks"

events
enum<string>[]
required

Events to subscribe to. See the schemas MessageReceivedEvent, MessageSentEvent, ReactionAddedEvent, ReactionRemovedEvent below for the data payload of each event.

Typing indicators (typing.started / typing.stopped) and inbound read receipts (receipt.read) are not delivered today; they will return when the underlying macOS-side detection layer surfaces them.

Available options:
message.received,
message.sent,
reaction.added,
reaction.removed
Example:
["message.received", "message.sent"]

Response

Webhook created

id
string

Webhook ID (e.g. wh_abc123)

line_ids
string[]

Line IDs this webhook is subscribed to (e.g. ["ln_abc123"])

url
string<uri>
events
string[]
secret
string

HMAC secret for verifying webhook signatures

is_active
boolean
request_id
string