Requirements

To use the OpenPhone API, you will need: An active OpenPhone subscription Owner or admin privileges in your OpenPhone workspace
Additional Messaging Requirements: If you plan to send text messages to US numbers via the API, you will also need to complete US Carrier Registration. Learn more here.

Generating API keys

The OpenPhone API uses API keys for authentication. This ensures secure access to your account’s data and functionalities. Here’s what you need to know about authentication.

1. Log in

To get started, first log in to your OpenPhone account. If you haven’t created an OpenPhone account yet, follow the tutorial here.

2. Navigate to workspace settings

Under your workspace settings, navigate to the “API” tab. You must be a workspace owner or admin to access this tab.

3. Generate your API key

Select “Generate API key” and give your key a label. You can create multiple keys for different applications, each with full API access.
Keys can be revoked or deleted at any time from the “API” tab in Workspace Settings.

4. Make your first call

To authenticate your API requests, include your API key in the Authorization header of each request. 
Authorization: YOUR_API_KEY

Security best practices

Remember, your API key carries the same privileges as your OpenPhone account. Protect it as you would your account password. Follow these guidelines to ensure your account remains secure.
  • Keep your API keys confidential
  • Don’t share your API keys in publicly accessible areas such as GitHub or client-side code
  • Regularly rotate your API keys to enhance security
  • If a key is compromised, revoke it immediately and generate a new one
If you need to revoke access for a specific integration or application, you can delete the corresponding API key without affecting other integrations.