Developer API

Send a Telegram DM
with one POST.

A production-grade REST API for Telegram and X automation. Bearer auth, scoped keys, idempotency, rate-limit headers, outbound webhooks. No SDK required.

Get API key View OpenAPI docs

JSON over HTTPS
p99 < 240ms
99.95% uptime SLA

~/api-solid — bash

curl -X POST \

https://api.crmsolid.com/v1/messages/send \

-H "Authorization: Bearer cs_live_***" \

-H "Idempotency-Key: 9d2c-44e1" \

-H "Content-Type: application/json" \

-d '{

"account_id": 7421,

"to": "@sarah_miller",

"text": "Hey {first_name}, your invite is ready"

Response

Rate-limit headers

X-RateLimit-Limit: 600

X-RateLimit-Remaining: 588

X-RateLimit-Reset: 42s

Pick your stack

Same endpoint. Four languages.

One JSON contract. Copy, paste, ship. The full OpenAPI spec covers every endpoint, every error, every webhook payload.

curl -X POST https://api.crmsolid.com/v1/messages/send \

-H "Authorization: Bearer cs_live_***" \

-H "Idempotency-Key: $(uuidgen)" \

-H "Content-Type: application/json" \

-d '{"account_id":7421,"to":"@sarah_miller","text":"Welcome aboard"}'

Full reference + error catalog at api.crmsolid.com/swagger

Authentication

Scoped keys. Least privilege by default.

Generate scoped API keys: read-only for analytics dashboards, write-scoped for production senders, manage-scoped for ops automation. Rotate without downtime — keys overlap during cutover so nothing breaks.

Bearer authentication
Pass Authorization: Bearer cs_live_… on every request. Live and test keys are visually distinct so production flows stay safe.
Scoped permissions
Pick the smallest set of scopes a key needs. A leaked dashboard key can never send a message.
Zero-downtime rotation
Issue a replacement, deploy, then revoke the old key. Both are valid during the overlap window — no thundering-herd 401s.

Production sender

created 2026-04-18

LIVE

Token

cs_live_a4f9_•••••••••••••••

Scopes

read:contactsList, search, and export contacts.

read:messagesStream chat history & inbox threads.

read:analyticsPull funnel, sequence, and account stats.

write:messagesSend DMs and bulk broadcasts.

write:contactsCreate, update, tag, segment contacts.

manage:sequencesStart, pause, resume drip sequences.

manage:webhooksRegister and rotate webhook endpoints.

Active · last used 12s ago

Reliability

Backpressure that tells you everything.

Idempotency keys mean retries are safe — never send the same message twice. Rate-limit headers tell your client when to slow down before a 429 ever lands.

Response · 200 OK187 ms

X-RateLimit-Limit:600 # requests per minute, per key

X-RateLimit-Remaining:588 # left in the current window

X-RateLimit-Reset:42 # seconds until the window resets

Retry-After:12 # on 429, wait this many seconds

Idempotency loop

client.send(key=9d2c-44e1)→timeout→retry(key=9d2c-44e1)→same response, zero duplicates

Idempotency keys

Pass Idempotency-Key on every write. Retries return the original response — no duplicate messages, ever.

Adaptive rate limits

Defaults: 600 req/min and 50 sends/day per Telegram account, with auto flood-wait handling. Headers expose remaining budget so you never have to guess.

Stable error catalog

Every error returns a stable code you can branch on, plus a human message you can surface. RFC 7807 problem-detail format.

Webhooks

Outbound webhooks for every event.

Receive every CRM event in real time. HMAC-SHA256 signatures, automatic retries with exponential backoff, and a delivery log you can replay.

More events

message.sentmessage.failedcontact.createdcontact.taggedsequence.startedsequence.pausedjob.completedsubscription.upgraded

POST · your-handler

X-Signature: sha256=…delivered

{

"event": "message.received",

"id": "evt_01HKQ9R2X7",

"created_at": "2026-05-06T14:32:18Z",

"account_id": 7421,

"contact": "@sarah_miller",

"text": "Hey, can you send the demo?",

"thread_id": "th_5829"

}

Verify on receipt

const sig = crypto.createHmac('sha256', secret).update(rawBody).digest('hex');

if (sig !== headers['x-signature']) return 401;

Build with CRM Solid. Ship in minutes.

Generate a sandbox key, paste a curl, watch the message land. The full production contract is the same shape — no rewrites between dev and prod.

Get API key Read the docs

Free sandbox tier
Live keys in < 60 seconds
HMAC-signed webhooks

Already have an account? Find your keys in Settings → API

Telegram CRM

Twitter (X) CRM

Unified Inbox

Live Chat Widget

Sales Pipeline

Contacts CRM

AI Auto-Responder

AI Bots

Automation Sequences

Bulk Messaging

Message Templates

Analytics

Integrations

Public REST API

Group Member Discovery

Post Scheduler (X)

Post Scheduler (IG)

Send a Telegram DM
with one POST.

Same endpoint. Four languages.

Scoped keys. Least privilege by default.

Bearer authentication

Scoped permissions

Zero-downtime rotation

Backpressure that tells you everything.

Idempotency keys

Adaptive rate limits

Stable error catalog

Outbound webhooks for every event.

Build with CRM Solid. Ship in minutes.

Send a Telegram DMwith one POST.

Same endpoint. Four languages.

Scoped keys. Least privilege by default.

Bearer authentication

Scoped permissions

Zero-downtime rotation

Backpressure that tells you everything.

Idempotency keys

Adaptive rate limits

Stable error catalog

Outbound webhooks for every event.

Build with CRM Solid. Ship in minutes.

Send a Telegram DM
with one POST.