Skip to content

Authentication

Use your account API token with Authorization Bearer and channel keys on send.

3 min read

Account API token

The public API uses your Kirisan account API token — not a dashboard session cookie.

  1. Sign in at dash.kirisan.com.
  2. Open Account → Settings.
  3. Copy API token (or Regenerate token if it was exposed).

Send it on every request:

Authorization: Bearer YOUR_ACCOUNT_TOKEN
Content-Type: application/json

The token identifies your user account. Kirisan checks that every channel key in the request belongs to the same account.

Channel keys

POST /v1/send also requires channel keys in the JSON body — tokens that identify which WhatsApp device, Telegram bot, email sender, or WABA number sends the message.

{
  "keys": {
    "whatsapp": { "token": "DEVICE_TOKEN" },
    "email": { "token": "EMAIL_SENDER_TOKEN" }
  }
}
ChannelWhere to find the key
WhatsAppChannel → WhatsApp → Devices — device token (shown when the device is connected)
TelegramChannel → Telegram → Devices — bot token
WABAChannel → WABA → Devices — number token
EmailChannel → Email → Emails — per-sender API token

Include only the channels you are sending on. Each key must belong to your account — otherwise Kirisan returns 403.

Fallback keys

Optional fields on each key control cascade delivery (same as Use as fallback on Send → Send):

FieldTypeMeaning
fallbackbooleantrue — this channel is a fallback, not primary
fallback_sequenceintegerTier order — 1 runs before 2; same sequence sends in parallel

Primary channels (no fallback) send first. If they all fail, Kirisan tries fallback tier 1, then tier 2, until one channel succeeds. See Send API.

Regenerate token

If a token leaks, click Regenerate token under Account → Settings. The old token stops working immediately — update every script, server, and integration that calls the API.

Unauthorized responses

HTTP statusMeaning
401Missing Bearer token, or token not found on your account
403Bearer token valid but a channel key belongs to another user

Template endpoints (/v1/templates) are not published in this help center yet. Only POST /v1/send is documented for public API use.

Last updated: July 2, 2026
Was this page helpful?