Skip to main content

Overview

The Lamah SMS API uses Bearer token authentication. All API requests must include a valid API token in the Authorization header.

Getting Your API Token

1

Log into Dashboard

Visit https://sms.lamah.com and log into your account.
2

Navigate to Projects

Go to the Projects section in your dashboard.
3

Create or Select Project

Create a new project or select an existing one.
4

Copy API Token

Find and copy the API token from the project details page.

Using Your API Token

Include your API token in the Authorization header of every request: 
curl --request GET \
  "https://sms.lamah.com/api/project/details" \
  --header "Authorization: Bearer YOUR_API_TOKEN" \
  --header "Accept: application/json"

Authentication Errors

If authentication fails, you’ll receive a 401 Unauthorized response: 
{
  "error": "Unauthorized",
  "message": "Invalid or missing API token",
  "code": "INVALID_TOKEN"
}
Common authentication issues:
Make sure you include the Authorization header in every request.
Authorization: Bearer YOUR_API_TOKEN
Ensure your token follows the correct format: Bearer YOUR_API_TOKENIncorrect:
Authorization: YOUR_API_TOKEN
Authorization: Token YOUR_API_TOKEN
Correct:
Authorization: Bearer YOUR_API_TOKEN
If your token is expired or invalid, generate a new one from your dashboard.
Make sure your project has the necessary permissions for the endpoint you’re trying to access.

Security Best Practices

Keep your API tokens secure and never expose them in client-side code or public repositories.

Token Security Guidelines

  1. Store Securely: Store your API tokens in environment variables or secure configuration files
  2. Rotate Regularly: Regenerate your tokens periodically for enhanced security
  3. Use HTTPS: Always use HTTPS when making API requests
  4. Monitor Usage: Regularly monitor your API usage for any suspicious activity

Environment Variables Example

# .env file
LAMAH_API_TOKEN=your_actual_api_token_here
LAMAH_BASE_URL=https://sms.lamah.com

Testing Authentication

You can test your authentication by calling the project details endpoint: 
curl --request GET \
  "https://sms.lamah.com/api/project/details" \
  --header "Authorization: Bearer YOUR_API_TOKEN"
A successful response will return your project details, confirming that your authentication is working correctly.