Skip to main content
Version: Latest

Authentication

Hub Chatt2.me authenticates API requests with the API Key of your Application. Send it on every call from backend services, automations, and integrations.

API Key

The API Key is tied to an Application. All requests made with it operate within the context of that Application.

How to obtain

  1. Access the Hub Chatt2.me dashboard
  2. Navigate to your Application Select your App
  3. Go to Settings → API Key Create new API Key
  4. Click Generate new key and copy the displayed value Create API Key Copy API Key
warning

The key is displayed only once. If you lose access to it, you will need to generate a new one.

How to use

Send the key in the x-api-key header in all requests:

POST /v1/communication/telegram/message
x-api-key: your-api-key-here
Content-Type: application/json

Examples by language

cURL
curl -X POST https://api.chatt2.me/v1/communication/telegram/message \
  -H "x-api-key: your-api-key-here" \
  -H "Content-Type: application/json" \
  -d '{"from": "channel-uuid", "to": "123456789", "content": {"text": "Hello!"}}'
JavaScript (fetch)
const response = await fetch('https://api.chatt2.me/v1/communication/telegram/message', {
  method: 'POST',
  headers: {
    'x-api-key': process.env.CHATT2ME_API_KEY,
    'Content-Type': 'application/json',
  },
  body: JSON.stringify({
    from: 'channel-uuid',
    to: '123456789',
    content: { text: 'Hello!' },
  }),
});
Python (requests)
import requests
import os

response = requests.post(
    'https://api.chatt2.me/v1/communication/telegram/message',
    headers={
        'x-api-key': os.environ['CHATT2ME_API_KEY'],
        'Content-Type': 'application/json',
    },
    json={
        'from': 'channel-uuid',
        'to': '123456789',
        'content': {'text': 'Hello!'},
    },
)

Authentication errors

ScenarioStatusLikely cause
Key missing or malformed401x-api-key header not sent or has an invalid value
Key belongs to another Application401Using the wrong key for the Application
Channel does not belong to Application404The UUID in from does not exist or belongs to another key

Security best practices

  • Never expose the API Key on the frontend (HTML, client-side JavaScript, unobfuscated mobile apps).
  • Use environment variables to store the key (CHATT2ME_API_KEY=...).
  • Do not commit the key to git — add .env to .gitignore.
  • Rotate the key periodically in production environments.
  • If the key is compromised, generate a new one immediately in the Hub Chatt2.me dashboard — the old key will be invalidated.