Sign InGet Started
api.politicalcomms.com/v1

Build on the political
texting standard.

One REST API for projects, contact lists, media, analytics, billing, and your full organizational hierarchy. OpenAPI 3.1 spec, HMAC-signed webhooks, idempotent writes.

Read the docsTalk to engineering
OpenAPI 3.1
Machine-readable spec
HMAC
Webhook signing
X-API-Key
Auth header
100 req/hr
Rate limit per key
# 1. Create a project (composes the message and links)
curl https://api.politicalcomms.com/v1/projects \
  -H "X-API-Key: $POLITICAL_COMMS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "GOTV reminder - District 5",
    "campaign_id": "camp_01HX...",
    "contact_list_id": "list_01HX...",
    "body": "Polls close at 7pm. Reply STOP to opt out."
  }'

# 2. Schedule the project to send
curl https://api.politicalcomms.com/v1/projects/{project_id}/schedule \
  -X POST \
  -H "X-API-Key: $POLITICAL_COMMS_API_KEY" \
  -H "Idempotency-Key: $(uuidgen)" \
  -H "Content-Type: application/json" \
  -d '{ "send_at": "2026-11-03T18:00:00Z" }'
Webhook delivers status the moment a carrier confirms.
CAPABILITIES

Every surface campaigns ship against.

First-class API surfaces. Each one maps directly to a documented section of the API reference.

AUTH AND PRIMITIVES

The four facts to know before you start.

The API is intentionally small and predictable. Auth, idempotency, rate limits, and webhook signing are documented once and applied consistently across every endpoint.

Authentication docsOpenAPI spec

API key in the X-API-Key header

Generate keys in the dashboard at Admin then API Keys. Keys are prefixed pc_live_ and only shown once. Custom domains are supported for white-labeled deployments.

Idempotency-Key on writes

All POST and PATCH endpoints that mutate state are designed to be safe to retry. Pass an Idempotency-Key header for stronger guarantees on write operations.

100 requests per hour per API key

Standard rate limit. Response headers tell you where you stand. Stagger high-volume integrations across multiple keys when needed.

HMAC-signed webhooks

Always validate the HMAC signature before trusting any payload. Retries follow an automatic policy if your endpoint returns a non-2xx response.

WEBHOOKS

Five events. One pattern.

Subscribe an HTTPS endpoint and the platform pushes every relevant event with an HMAC signature. Validate the signature before trusting the payload. Non-2xx responses trigger automatic retries.

  • message.sent
  • message.delivered
  • message.failed
  • message.replied
  • link.clicked
Webhook events reference
POST https://your-app.example/webhooks/pcomms
{
  "event": "message.delivered",
  "occurred_at": "2026-05-13T19:42:17Z",
  "data": {
    "project_id": "proj_01HX...",
    "campaign_id": "camp_01HX...",
    "brand_id": "brand_01HX...",
    "contact_phone": "+15551234567"
  }
}

# Validate this header before trusting the payload:
#   X-Pcomms-Signature: sha256=<hmac of raw body>
COMPLIANCE

Built on the political compliance stack.

The platform handles 10DLC, Campaign Verify, TCPA, FCC rules, and CTIA principles. The compliance documentation lives alongside the API reference.

The Campaign Registry (10DLC)Campaign VerifyTCPAFCC Political Text RulesCTIA Messaging PrinciplesCompliance Checklist

Versioning

URI versioned (/v1). Breaking changes ship under new prefixes. The current spec is published alongside every release.

OpenAPI 3.1

Machine-readable spec at docs.politicalcomms.com/api-reference/openapi.json

Tooling

Direct HTTP from your language of choice. Postman collection export is available from the dashboard. No official SDKs.

Provision a key. Send your first project.

Generate an API key from the dashboard, import a contact list, create a project, schedule it. The full walkthrough lives in the onboarding guide.

Onboarding guideAPI overview