VoiceCraft logo
Central de ajuda/API & Webhooks/API authentication and webhook setup
1 min de leitura

API authentication and webhook setup

S
Sharan Karthikeyan·24 de abril de 2026

API authentication

VoiceCraft uses two authentication methods depending on the endpoint:

Session-based (dashboard routes)

Routes accessed through the dashboard use your login session (NextAuth JWT). No additional setup needed.

API key (webhook and agent routes)

Webhook endpoints and agent-to-web calls use an API key passed in the x-api-key header.

Your API key is available in Settings. Keep it secret. Do not expose it in client-side code.

x-api-key: your-api-key-here

Webhook endpoints

VoiceCraft exposes several webhook endpoints for integration with external systems:

Endpoint

Purpose

/api/webhooks/twilio-voice

Inbound call routing (returns TwiML for LiveKit)

/api/webhooks/availability

Check appointment slot availability

/api/webhooks/book

Book an appointment

/api/webhooks/send-sms

Send an SMS message

These are used by the voice agent worker and can also be called from external systems with proper API key authentication.

Setting up webhooks

  1. Go to Settings from the user menu.

  2. Find your API key in the API Keys section.

  3. Use this key in the x-api-key header when calling any webhook endpoint.

  4. All webhook requests must be POST with a JSON body.

Security

  • Rotate your API key if it is ever exposed.

  • Webhook endpoints validate the API key on every request.

  • All API communication happens over HTTPS.

Este artigo foi útil?

Artigos relacionados

REST API endpoints reference

Precisa de mais ajuda?

Não encontrou o que procurava?

Ver todos os artigos

Nesta página

API authenticationSession-based (dashboard routes)API key (webhook and agent routes)Webhook endpointsSetting up webhooksSecurity