Skip to content


This section provides details about the authentication process for the Direct7 (D7) Messaging API.

Method of Authentication

D7 API uses OAuth 2.0 based bearer token authentication for strong security and reliability. In order to keep your data secure, we highly recommend using all endpoints with encryption. D7 API support both TLS and SSL protocols.

Create app and Get auth token

You need to create an application on D7 Control panel in order to obtain the client_id and client_secret, which you can use for application authentication.

Once the application is created, a page will appear with the Client ID, Client Secret, and the option to Generate auth token. It will generate a new token instantly when you click on it. Since this token will not be stored in our system, please take note of it.

For creating the first app please visit D7 Control panel Image title

Generate auth token using api

For the convenience we have added option to generate the token directly from D7 Control panel

Either you can use that option or if you need, you can call /auth/v1/login/application with client_id and client_secret as body parameters to aquire the auth token in response. For messaging and verify endpoints you have to use this token.

Regeneration of Token

You can regenerate as many auth token using the same client_id and client_secret. However removing the app from control panel will invalidate all these tokens.

Revoke Token acces

For revoking access you can login to D7 Control panel and delete or recreate the app, which will invalidate all the existing tokens.