Authentication

Use X-Api-Key as the primary credential for public API integration.

X-Api-Key: <api_key>
Authorization: Bearer <api_key> (alternative)

API key example

cURL

curl -X GET "https://api.wazapin.id/v1/messages" \
  -H "X-Api-Key: YOUR_API_KEY" \
  -H "Accept: application/json"

Optional: bearer token

Bearer token is also supported for public API key usage.

cURL

curl -X GET "https://api.wazapin.id/v1/messages" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Accept: application/json"

Token management

Store credentials in server-side secret manager.
Never expose credentials in browser client code.
Rotate credentials if you suspect leakage.

Creating API keys

Create and manage API keys from your Wazapin dashboard (organization settings). For public integration, use the generated key directly in X-Api-Key.

Treat API keys like passwords. Revoke and replace compromised credentials immediately.

Authentication errors

If token is missing or invalid, API returns 401 Unauthorized. See Error handling for response schema.

Start building

Reliability

Tools

API key example

Optional: bearer token

Token management

Creating API keys

Authentication errors

Start building

Reliability

Tools

​API key example

​Optional: bearer token

​Token management

​Creating API keys

​Authentication errors

API key example

Optional: bearer token

Token management

Creating API keys

Authentication errors