Before sending OTP messages, you need to create a WhatsApp channel for your brand. The request below helps you set up the channel and connect it with your WhatsApp Business Account.
Endpoint and Headers
This API key is sensitive and should never be used on the front end or mobile SDK; it should only be implemented on the back end.
Visit our Postman collection to test this request.
Headers
| Header | Sample Value | Description |
|---|---|---|
| X-INS-AUTH-KEY | 1a2b3c4d5e6f | This key is required to authorize your request. Refer to API Authentication Tokens to generate your token. |
| Content-Type | application/json | This header specifies the media type of the resource. |
Body Parameters
| Parameter | Description | Data Type | Required | Rules |
|---|---|---|---|---|
| channel | The channel that you will send the OTP code to. It will be WhatsApp. | String | Yes | oneof:whatsapp |
Sample Request
Every request made to the request endpoint requires a request body formatted in JSON and containing your parameters.
Make sure to replace the sample values in the request header(s) and body where required before sending your request.
Below is a sample request to create a new WhatsApp verification channel.
curl --location 'https://verify.useinsider.com/v1/channel/create' \
--header 'Content-Type: application/json' \
--header 'x-ins-auth-key: 1a2b3c4d5e6f' \
--data '{
"channel": "whatsapp"
}'Sample Responses
201 Created
{
"status": "success"
}400 Bad Request: Invalid request payload
{
"errors": [
{
"message": "invalid request payload"
}
]
}400 Bad Request: Invalid channel value
{
"errors": [
{
"message": "this field must be one of these:whatsapp",
"field": "channel"
}
]
}400 Bad Request: Channel already exists
{
"errors": [
{
"message": "channel already exists"
}
]
}
401 Unauthorized
{
"errors": [
{
"message": "unauthorized"
}
]
}429 Too Many Requests
{
"errors": [
{
"message": "rate limit exceeded"
}
]
}500 Internal Server Error
{
"errors": [
{
"message": "server error"
}
]
}Limitations
- All functions must be executed with a simple HTTPS POST request.
- The API Key should be provided as the authorization key in the request header. If the key is incorrect, the operation will not be executed, and an authorization error will be returned in the response.
- The service is subject to a rate limit of 100 requests per second to ensure optimal system performance, and clients exceeding this limit will receive an HTTP 429 Too Many Requests response.
The default limit shown here is a standard baseline. If your use case requires higher capacity, feel free to reach out to the Insider One team — we can adjust it to fit your needs.