Your integration surface — build any commerce, CRM or workflow integration.
WBIZ doesn't ship prebuilt Shopify, Salesforce or Zapier connectors — it ships a clean REST API and signed outbound webhooks so you build any integration you need. Zero markup, zero rate-limit gating beyond fair use, granular per-key scopes, reveal-once secrets and an embedded API playground.
POST /v1/messages/text, POST /v1/messages/template. Reveal-once secrets. HMAC-signed outbound webhooks.
Public REST v1
Two well-defined send endpoints — text and template.
POST /v1/messages/text sends free-form text inside the WhatsApp 24-hour window; POST /v1/messages/template sends an approved template at any time. Both endpoints accept the contact phone in E.164, return a typed response, and respect the Cloud API's window rules — so you never accidentally send a marketing template into a closed window.
- POST /v1/messages/text — free-form within the 24h window
- POST /v1/messages/template — approved templates any time
- Per-key scopes: contacts:read, webhooks:manage, etc.
- Reveal-once secrets — leaked keys are easy to rotate
curl -X POST https://api.wbiz.in/v1/messages \
-H "Authorization: Bearer wbiz_live_xxx" \
-H "Content-Type: application/json" \
-d '{
"to": "+919876543210",
"type": "template",
"template": {
"name": "order_dispatched_v3",
"language": "en_IN",
"components": [
{ "type": "body", "parameters": [
{ "type": "text", "text": "Priya" },
{ "type": "text", "text": "#4421" }
]}
]
}
}'Outbound webhooks done right
HMAC-signed POSTs, retried, dead-lettered.
Subscribe a URL to per-event filters. Every webhook is HMAC-signed, retried on failure with backoff, and falls into a dead-letter queue you can replay. Test-fire any event from the dashboard and see the full delivery history per subscription. Rotate the signing secret without dropping events.
- HMAC-SHA256 signature on every payload
- Per-event filtering — subscribe only what you need
- Retries with backoff and dead-letter queue
- Test-fire from dashboard + delivery history per subscription
Webhook events
Live- message.receivednowyour-app.com/hooks
- message.delivered1syour-app.com/hooks
- message.read3syour-app.com/hooks
- conversation.assigned12syour-app.com/hooks
- campaign.completed4myour-app.com/hooks
Embedded API playground
Try the API in the dashboard, with one-click ephemeral keys.
An embedded API playground lives at /docs/playground/ and at /app/api-playground/ inside the portal. Newly-issued playground keys auto-flow into the playground via sessionStorage, so you can try the API in seconds without rolling production credentials. The same playground is available pre-login on the marketing site.
- Playground at /docs/playground/ and /app/api-playground/
- One-click ephemeral playground keys
- Freshly-issued keys auto-flow via sessionStorage
- Same playground component on the marketing site
curl -X POST https://api.wbiz.in/v1/messages \
-H "Authorization: Bearer wbiz_live_xxx" \
-H "Content-Type: application/json" \
-d '{
"to": "+919876543210",
"type": "template",
"template": {
"name": "order_dispatched_v3",
"language": "en_IN",
"components": [
{ "type": "body", "parameters": [
{ "type": "text", "text": "Priya" },
{ "type": "text", "text": "#4421" }
]}
]
}
}'By the numbers
What teams ship on WBIZ.
0
Public send endpoints: text + template
0
Reveal-once secret per key
0
HMAC-signed webhook delivery
0
Markup over Meta pass-through
Build on WBIZ. Build any integration via REST + webhooks.
There are no prebuilt Shopify, Salesforce, HubSpot, Zapier or n8n connectors today — and that's on purpose. The WBIZ REST API and outbound webhooks are your integration surface; build the connector your business actually needs. We also carry the Cloud API version-upgrade pain so your codebase doesn't.
REST + playground
Two send endpoints, embedded playground at /docs/playground/ and /app/api-playground/.
Signed webhooks
HMAC-SHA256, retries with backoff, dead-letter queue, per-event filtering, secret rotation.
Scoped API keys
Per-key granular scopes (contacts:read, webhooks:manage, etc.) with reveal-once secrets.
India-first hosting
Hosted in India by default. Encryption in transit; secrets stored encrypted at rest.
Use any tool
Bring your existing dev workflow.
A standard REST API plus signed webhooks slots into whatever stack you run. No prebuilt connectors — bring your own glue.
REST
POST /v1/messages/text and /template
Outbound webhooks
HMAC-signed, retried, dead-lettered
Embedded playground
/docs/playground/ + /app/api-playground/
Scoped keys
Granular per-resource permissions
Per-event filtering
Subscribe only what you need
India-hosted
Encryption in transit + at rest
FAQ
API, answered.
No. WBIZ ships a public REST API and HMAC-signed outbound webhooks; that is your integration surface. Build the Shopify, Salesforce, HubSpot, Zapier or n8n connector your business actually needs — no prebuilt vendor lock-in.
You can absolutely call Meta directly. WBIZ wraps it with stable send endpoints, scoped API keys, signed outbound webhooks with retries and a dead-letter queue, an embedded playground, and a Cloud API version-upgrade story so your code keeps working.
Each workspace can hold multiple API keys with granular per-resource scopes (contacts:read, webhooks:manage, and more). Secrets are reveal-once at creation; rotate by issuing a new key and revoking the old one. Playground keys are one-click ephemeral.
Yes — every webhook payload is signed with HMAC-SHA256 using your shared secret. Retries fire on failure with backoff; failures land in a dead-letter queue you can replay from the dashboard. Per-event filtering and secret rotation are built in.
India by default — built in India, hosted in India. Encryption in transit; secrets stored encrypted at rest.