Customer-Specific Authentication

Customer-specific authentication provides dedicated API credentials for each organization you integrate with. This method offers the highest level of security and access control.

When to Use Customer Authentication

Use customer-specific authentication when:

Direct Integration: You're building a solution for a specific school or organization
Enhanced Security: The customer requires dedicated credentials for compliance
Custom Access Controls: Different customers need different permission levels
Audit Requirements: Organizations need isolated access logs

How It Works

Each customer receives their own unique set of credentials:

Customer ID: Unique identifier for the organization
API Key: Customer-specific authentication token
Permissions: Customized access levels based on customer needs

Implementation

Request Structure

POST /api/SendMessage_V3/SMS
Host: m5api.groupcall.com
Content-Type: application/json

{
  "messageData": [
    {
      "CustomerId": "{CUSTOMER_ID}",
      "Password": "{CUSTOMER_API_KEY}",
      "SMSMessage": "Your message content here",
      "Recipients": [
        {
          "MobileNumber": "+447700900123"
        }
      ]
    }
  ]
}

Authentication Method

The Communications API uses payload-based authentication. Credentials are included in the request body rather than in headers. No Authorization header is required.

Implementation Example

{
  "messageData": [
    {
      "CustomerId": "{CUSTOMER_ID}",
      "Password": "{CUSTOMER_API_KEY}",
      "SMSMessage": "Your message content here",
      "Recipients": [
        {
          "MobileNumber": "+447700900123"
        }
      ]
    }
  ]
}

Complete Code Examples

For detailed implementation examples in C#, Python, and JavaScript, see our Authentication Code Examples guide.

Security Best Practices

Credential Management

Secure Storage: Store API keys in secure configuration management
Environment Variables: Never hardcode credentials in source code
Rotation: Implement regular credential rotation policies
Monitoring: Track API key usage and detect anomalies

Request Security

HTTPS Only: All requests must use HTTPS encryption
Rate Limiting: Implement client-side rate limiting
Error Handling: Don't expose credentials in error logs
Timeouts: Set appropriate request timeouts

Next Steps:

See Authentication Code Examples for complete implementation guides
Review Authentication Troubleshooting for common issues
Explore API Guides to start sending messages

When to Use Customer Authentication​

How It Works​

Implementation​

Request Structure​

Implementation Example​

Security Best Practices​

Credential Management​

Request Security​