Developers
An API your engineers will actually like.
Send WhatsApp messages, manage templates and contacts, and stream every delivery event back into your systems — with sandbox keys that work before your number goes live.
REST + JSON · Signed webhooks · Sandbox included
# Send a template message
curl -X POST https://api.infiq.in/v1/messages \
-H 'X-INFIQ-API-KEY: isk_live_y1OK…r5Nz1L' \
-H 'Content-Type: application/json' \
-d '{
"messaging_product": "whatsapp",
"to": "918435053922",
"type": "template",
"template": {
"name": "reminder_1",
"language": { "code": "ca" },
"components": [
{ "type": "header", "parameters": [
{ "type": "image",
"image": { "link": "https://www.infiq.in/brand/logo-primary.png" } }
] },
{ "type": "body", "parameters": [
{ "type": "text", "text": "Rajesh" },
{ "type": "text", "text": "sk marketing" },
{ "type": "text", "text": "activated" }
] }
]
}
}'
// 201 Created
{ "messages": [{ "id": "wamid.HBgMOTE4NDM1…", "message_status": "accepted" }] }Platform access
The whole platform, over REST
Everything in the dashboard is available over the API — and everything that happens streams back to you as an event.
API keys & sandbox
Generate scoped API keys from the dashboard and start in a sandbox that simulates delivery events — no live number needed to build.
REST API
Predictable JSON endpoints for messages, templates, contacts, media and analytics. Idempotency keys on writes, cursor pagination on reads.
Webhooks
Subscribe to delivery, read, reply and quality-rating events. Signed payloads, automatic retries with exponential backoff, and a replay tool.
Automatic retries
Failed sends queue and retry with jitter. Webhook deliveries retry for 24 hours until your endpoint returns 2xx.
Security by default
HMAC-SHA256 webhook signatures, TLS everywhere, IP allowlisting and key rotation without downtime.
Predictable rate limits
Burst-friendly limits with limit, remaining and reset headers on every response. WhatsApp messaging-tier pacing is handled by the platform, so your quality rating stays protected.
Webhooks
Every event, pushed to you
Delivery receipts, reads, replies, template approvals and quality-rating changes land on your endpoint within seconds — signed, ordered and retried until acknowledged.
- message.delivered
- message.read
- message.replied
- message.failed
- template.status
- quality.updated
X-InfiQ-Signature: sha256=…
{
"event": "message.read",
"id": "evt_2c91",
"created": "2026-07-08T10:42:07Z",
"data": {
"message_id": "msg_8f2a",
"to": "+91982XXXXX01",
"template": "order_shipped",
"read_at": "2026-07-08T10:42:05Z"
}
}Key management
Scoped keys with real controls
Every key carries its own scopes, IP allowlist, rate limit and expiry — rotate or revoke without touching the others.
Settings
Danger zone
Scopes
admin:* scopes are owner-only. Keys never gain scopes silently — every change lands in the audit log.
Observability
See every request, down to the log line
Per-key traffic, latency percentiles and raw request logs with a tamper-evident hash chain — built in, no third-party APM required.
89,476 requests in this window
Requests & errors
2xx errorsLatency
Top endpoint
Raw logs
| Time | Method & path | Status | Duration | IP |
|---|---|---|---|---|
| 06/07, 16:48:30 | POST/v1/messages | 202 | 268ms | 203.0.113.45 |
| 06/07, 16:48:30 | POST/v1/messages | 202 | 69ms | 203.0.113.45 |
| 06/07, 16:48:29 | POST/v1/messages | 202 | 44ms | 203.0.113.45 |
| 06/07, 16:48:29 | POST/v1/messages | 202 | 29ms | 203.0.113.45 |
| 06/07, 16:48:28 | POST/v1/messages | 202 | 31ms | 203.0.113.45 |
rowHash: 5e5619…e2962c · prevHash: 21004a…d1fd62 — every log entry is hash-chained, so history can't be silently rewritten.
FAQ
Developer FAQs
How do I get API access?
API and webhook access are included on the Growth plan and above (Lite covers the dashboard, CRM, broadcasts and inbox without API access). On Growth, open Settings → Developers in the dashboard and generate an API key. Sandbox keys are available immediately; production keys activate once your WhatsApp number is live.
How do webhooks work?
Register an HTTPS endpoint in the dashboard and choose the events you want — message.delivered, message.read, message.replied, template.status, quality.updated and more. Each payload is signed with HMAC-SHA256 so you can verify it came from InfiQ, and failed deliveries retry for 24 hours.
Is there a sandbox for testing?
Yes. Sandbox keys let you send test messages and receive simulated webhook events end to end without a live WhatsApp number or per-message charges.
What are the rate limits?
Each key carries its own rate limit, set when you create it, and every response returns limit, remaining and reset headers so clients can self-throttle. WhatsApp's own messaging tiers are handled by the platform — sends are paced automatically to protect your quality rating.
Do you have SDKs?
The API is plain REST with JSON, so any HTTP client works. Copy-paste examples for cURL, Node.js and Python live in the docs, and an OpenAPI spec is available for generating typed clients.
Ship your first integration this week.
Sandbox keys are instant — build and test the full send-and-receive loop today, then flip to production once your number is live.
