We currently have two APIs which send HTTP POST requests to customers; inbound fax, and inbound SMS.
These have been in place for many years, and have fallen behind in supporting the latest security, such as TLSv1.2 despite this being supported by our own API for some time now.
Behind the scenes, we’re also looking at other uses for outbound HTTP POST functionality for more exciting features in the the future and with this in mind we’ve taken the opportunity to give this entire system a long-overdue update more befitting of our new stack.
Today this is going into a wider beta, and some customers have been using it for some time already.
TLS v1.1 and v1.2 are supported and encouraged. Unencrypted HTTP is also still supported, but it’s important to note that this support may not continue to final release.
There is little reason to be using unencrypted HTTP now, especially with services like LetsEncrypt automating the generation of valid credentials free of charge, and the general trend to a https-default Web.
SMS and Fax messages can include sensitive information, and personal data, we expect that the majority of our customers will want to use encrypted channels to receive them.
JSON Bodies Only
At the moment, to keep it simple and consistent, the new beta service only supports HTTP POST requests with JSON in the body (sent as
Content-Type: application/json) as opposed to the traditional HTML form method (
Therefore, to use the beta, you will need to create a new endpoint at your side.
The final version of this will replace the current service, and be backwards compatible with the payload variable that you’re used to receiving.
This service had been rebuilt from the ground up, and can handle far higher volumes of requests than our legacy service which opens the door to more realtime information we can push to your platform in the future.
As always, you can find details on this within our API Documentation, and options to set these endpoints will be in the portal soon.