Introduction
This guide walks through a complete outbound WhatsApp flow using Buzzbip REST APIs. You need API access enabled on your account and at least one Meta-approved template. All calls target https://app.buzzbip.com with Authorization: Bearer <token>. For production, queue sends server-side and handle JSend errors explicitly.
Steps
Follow these steps to complete the integration.
- Authenticate with POST /api/login_check and store the JWT.
- Ensure your template is APPROVED (GET /api/whatsapp/templates/{id} or v2 equivalent).
- Create or locate a contact with POST /api/contacts/ or GET /api/contacts/.
- Send with POST /api/whatsapp/ including template_id and contact_id.
- Verify delivery in GET /api/whatsapp/ message history.
Details
This guide walks through a complete outbound WhatsApp flow using Buzzbip REST APIs. You need API access enabled on your account and at least one Meta-approved template. All calls target https://app.buzzbip.com with Authorization: Bearer <token>. For production, queue sends server-side and handle JSend errors explicitly.
curl -X POST 'https://app.buzzbip.com/api/whatsapp/' \
-H 'Authorization: Bearer ${TOKEN}' \
-H 'Content-Type: application/json' \
-d '{"template_id": 42, "contact_id": 1}'Test in staging before scheduling production sync or sends.
Integration notes
When integrating the Buzzbip send whatsapp message endpoint into your application, treat https://app.buzzbip.com as the only production host. Obtain a JWT from POST /api/login_check and send Authorization: Bearer <token> on every request. Confirm User.hasApiAccess is enabled in Buzzbip Admin — without it, valid tokens still receive authorization errors. Parse JSend responses by reading status, message, and data together; do not rely on HTTP status codes alone. For ecommerce plugins, also send x-api-key, x-platform-type, and x-base-uri as described in the secret-key documentation. Respect trailing slashes on routes such as POST /api/contacts/ and POST /api/whatsapp/. Implement retries with exponential backoff when you encounter rate limits, and log full error bodies during development. Store credentials server-side, rotate secrets if exposed, and re-authenticate before the 3600-second JWT TTL expires in long-running workers. Use pagination query parameters instead of unbounded list calls, and queue bulk WhatsApp or SMS sends from your backend rather than client browsers. Test against a small set of contacts before enabling production campaigns. Keep an integration runbook that lists which Buzzbip templates, automations, and API keys each deployment uses so on-call engineers can diagnose failures quickly.
Security
Security best practices for Buzzbip API clients include restricting API credentials to backend services, using TLS for every request, and monitoring failed authentication attempts. Separate staging and production Buzzbip accounts when possible so template tests do not message real customers. Document which templates and automations each integration triggers, and version your webhook or sync job deployments. When debugging, redact phone numbers and message bodies in application logs shared with third parties.
What's next?
Continue learning: api/whatsapp-messaging/send-whatsapp-message guides/create-whatsapp-template api/contacts
