Credentials
Instaply integrations use more than one kind of credential. Use the table below to pick the right one for your project, then open the linked page for details.
The organization secret used for the Instaply HTTP API and widget (HTTP header token) and for the mobile SDK (the apiKey argument) is documented here as the API token — the same credential, regardless of older names like “organization API key.” IVR sends the API token as the key field in the URL or JSON body.
| Surface | What you use |
|---|---|
| Instaply API | API token in the token request header |
| Widget | API token in the token request header |
| Mobile SDK (iOS / Android) | API token plus server-generated nonce and verification digest (SHA1) tied to the customer ID |
| IVR hook | API token sent as the key field (JSON body or query string) |