For DevelopersAPI, keys & webhooks

For Developers

In one sentence

Almost everything you can do in the MsgBuddy screen, you can also do from code — via a REST API with secure keys, real-time webhooks, and safety features so automated sending stays reliable.

Note

This chapter is a high-level orientation for developers, written plainly. The exact endpoints and request formats live in the interactive API reference (Swagger) linked from Settings → Developers. Non-developers can skip this chapter entirely.

The three building blocks

BlockWhat it’s for
API keysProve it’s really your app calling.
REST APISend messages, manage contacts, run campaigns — programmatically.
WebhooksGet pushed events (new message, template approved) in real time.

API keys (live vs. test)

Create keys under Settings → Developers. Keys come in two flavours so you can build safely:

PrefixEnvironmentUse for
mb_test…TestDevelopment and experiments
mb_live…LiveReal messages to real customers
Note

Keep keys secret — anyone with a mb_live key can send on your behalf. You can rotate (replace) a key from the Developers screen if one is ever exposed.

Idempotency (no accidental double-sends)

When you send via the API, you can attach an idempotency key — a unique token for that request. If the same request is retried (say, after a network hiccup), MsgBuddy recognises the token and won’t send twice. This is what makes automated sending safe to retry.

Tip

Always set an idempotency key on send requests. It’s the difference between a retried request being harmless and a customer getting the same message five times.

Webhooks (the other direction)

The API is you calling MsgBuddy; webhooks are MsgBuddy calling you. Together they let you keep an external system perfectly in sync. Webhook deliveries are HMAC-signed and versioned so you can trust and evolve them.

How this connects

Next: use MsgBuddy beyond the browser — Apps →.