This API enables you to send targeted transactional WhatsApp messages to your users. You can send only text content in this message type.
You can send this message type if the user has sent a message to your number in the last 24 hours.
Refer to the visual below to see how the text message with an optional URL is displayed. 
Endpoint and Headers
Visit our Postman collection to test this request.
Headers
Header | Sample Value | Description |
|---|---|---|
X-INS-AUTH-KEY | 1a2b3c4d5e6f | This key is required to authorize your request. Refer to API Authentication Tokens to generate your token. |
Content-Type | application/json | This header specifies the media type of the resource. |
Body Parameters
Column | Description | Data Type | Required |
|---|---|---|---|
messages | All messages are contained in the messages key. You can send multiple messages with a single request | Array | Yes |
phoneNumber | Phone number for the person you want to send a message to. | String | Yes |
message | Message object | Object | Yes |
type | Must be a “text” for this message type. | String | Yes |
text | This object contains the properties of the text message. | Object | Yes |
preview_url | Allows for URL previews in text messages. This field is optional if there is no URL in your message. Values: false (default), true. | Boolean | No |
body | The text of the text message, which can contain URLs that begin with http:// or https://, and formatting. The maximum length is 4096 characters. | String | Yes |
WhatsApp Status Callback
The Status Callback allows you to track the delivery status of your WhatsApp messages in real time. When you send a message, the system sends status updates to the API URL you’ve specified in the callback parameter. If you don't respond to code between 200 and 300, the system automatically retries the request up to 10 times following this schedule:| Retry Attempt | Time After First Attempt |
|---|---|
| 1st retry | 1 minute |
| 2nd retry | 2 minutes |
| 3rd retry | 3 minutes |
| 4th retry | 8 minutes |
| 5th retry | 13 minutes |
| 6th retry | 18 minutes |
| 7th retry | 28 minutes |
| 8th retry | 38 minutes |
| 9th retry | 48 minutes |
| 10th retry | 1 hour |
Sample Request
Below is a sample request to send a transactional WhatsApp text message with an optional URL preview.
curl --location 'https://whatsapp.useinsider.com/v1/send' \
--header 'Content-Type: application/json' \
--header 'x-ins-auth-key: INS.**************************' \
--data '{
"messages": [
{
"phoneNumber": "+1**********",
"message": {
"type": "text",
"text": {
"preview_url": true,
"body": "Example Message"
}
}
}
]
}'Sample Responses
One key information will be returned for each message to be sent. This key will be added to all events related to the message.
{
"keys": [
"whatsapp-*************************"
]
}401 Unauthorized
If you use the wrong key, you will see the following error:
{
"message": "unauthorized"
}429 Rate Limit
If you send more than 1000 requests per second, you will see the following error:
{
"message": "rate limited"
}403 Forbidden
This error occurs when requests are blocked by Cloudflare’s security mechanisms, which act as an additional protection layer for Insider’s infrastructure.
As part of this setup, Insider complies with Cloudflare’s automated security policies. In certain cases, these mechanisms may block specific User-Agent values or IP addresses.
If the client IP is denied or restricted, the API will return the following response:
{
"message": "ip-restricted",
"error": {
"message": "ip-restricted",
"code": 1088
}
}
Notes:
403 Forbidden error occurs when the IP address is not whitelisted for you.
Error code 1088 is specific to IP restriction errors.
How to Troubleshoot a 403 Forbidden Error
If you encounter a 403 Forbidden error when making API requests, for example, through the Conversational or Transactional API, please check the following:
Verify the User-Agent header used in your HTTP client (especially default or empty values such as Java’s default
User-Agent).Review blocked requests under Security > Events in your Cloudflare dashboard to identify whether they were rejected due to User-Agent or WAF rules.
For more detailed troubleshooting guidance and Cloudflare’s official documentation, refer to the following resources:
Limitations
All functions must be executed with a simple HTTPS POST request.
Only new WhatsApp messages can be sent via this API. No data can be retrieved.
The API Key should be provided as the authorization key in the request header. If the key is incorrect, the operation will not be executed, and an authorization error will be returned in the response.
The rate limit is 1000 requests per second.
The default limit shown here is a standard baseline. If your use case requires higher capacity, feel free to reach out to the Insider One team — we can adjust it to fit your needs.