EZWUse the EZW API to manage lines, staff, assignments, customer conversations, internal notes, and outbound replies from the same organization-scoped control layer used by the app.
The public documentation describes the current customer workspace API. API-key provisioning and formal partner access are handled during onboarding; self-serve developer apps are not public yet.
https://app.ezw.solutionsAuthorization: Bearer {idToken}JSON; multipart for image sendsSupport inbox, not bulk messagingUse a workspace account to receive an ID token. Use that token as the bearer token for API calls.
curl -X POST https://app.ezw.solutions/api/auth/login \
-H "Content-Type: application/json" \
-d '{
"email": "owner@example.com",
"password": "your-password"
}'Assignment writes require the current conversation version, which prevents overwriting another user.
curl -X POST https://app.ezw.solutions/api/conversations/{conversationId}/assign \
-H "Authorization: Bearer {idToken}" \
-H "Content-Type: application/json" \
-d '{
"targetUserId": "{userId}",
"expectedVersion": 7
}'Outbound sends require an idempotency key so retries do not create duplicate attempts.
curl -X POST https://app.ezw.solutions/api/lines/{lineId}/send \
-H "Authorization: Bearer {idToken}" \
-H "Content-Type: application/json" \
-H "Idempotency-Key: send-2026-05-07-001" \
-d '{
"conversationId": "{conversationId}",
"bodyText": "Thanks, I am checking this now."
}'Most endpoints require an organization principal. Returned resources are scoped by organization, actor role, line visibility, and conversation assignment rules.
Sign in, refresh a session, and inspect the current principal.
/api/auth/loginExchange workspace email and password for an ID token.
/api/auth/refreshExchange a refresh token for a fresh ID token.
/api/auth/sessionValidate the bearer token and return the authenticated principal.
Create the first organization record before billing and line setup.
/api/signup/organizationCreate an organization, owner user, pending billing state, and allocated line slots.
Create, connect, inspect, assign, restrict, and archive WhatsApp numbers.
/api/linesList visible WhatsApp lines with lifecycle and sendability state.
/api/linesCreate a line and queue QR pairing for the new number.
/api/lines/{lineId}/qrRequest a fresh QR pairing command for an existing line.
/api/lines/{lineId}/qrRead the current short-lived QR image data URL when one is available.
/api/lines/{lineId}/assignmentSet or clear the default assignee for conversations on a line.
/api/lines/{lineId}/permissionsList explicit staff permissions for one line.
/api/lines/{lineId}/permissions/{targetUserId}Set whether a staff member can view and send from a line.
/api/lines/{lineId}/permissions/{targetUserId}Clear explicit permissions back to the workspace default.
/api/lines/{lineId}/archiveArchive a line and stop it from being used for new work.
Read conversations, claim ownership, assign staff, edit contact names, and add internal notes.
/api/conversationsList conversations visible to the authenticated operator.
/api/conversations/{conversationId}/messagesRead the timeline for one conversation.
/api/conversations/{conversationId}/claimClaim an unassigned conversation using expectedVersion conflict protection.
/api/conversations/{conversationId}/assignAssign a conversation to another staff member using expectedVersion conflict protection.
/api/conversations/{conversationId}/contactUpdate the internal display name for a customer contact.
/api/conversations/{conversationId}/notesList internal-only notes for a conversation.
/api/conversations/{conversationId}/notesCreate an internal-only note that is never sent to WhatsApp.
Queue operator replies from a connected line with durable idempotency.
/api/lines/{lineId}/sendQueue a text reply or one image attachment to an existing conversation or direct recipient.
Fetch signed URLs for archived customer media without exposing storage credentials.
/api/attachments/{attachmentId}/urlCreate a short-lived signed media URL, with expiresInSeconds from 1 to 3600.
Invite staff, update roles, disable users, and inspect access history.
/api/membershipsList active and invited workspace members.
/api/membershipsInvite a staff member with a supported organization role.
/api/memberships/{targetUserId}Change a member role.
/api/memberships/{targetUserId}Disable a member.
/api/audit-logsRead organization audit events, optionally filtered by eventType.
Read billing state, start recovery checkout, and subscribe to workspace changes.
/api/billing/statusRead current billing state, policy, line slots, and seat counts.
/api/billing/recovery/checkoutCreate a billing recovery checkout session when the workspace is restricted.
/api/live/streamOpen an authenticated Server-Sent Events stream for workspace updates.
Outbound sends require the Idempotency-Key header. Line creation and QR commands accept an idempotencyKey body field when the caller needs retry-safe setup.
Conversation assignment and claim calls require expectedVersion. If another operator changes the conversation first, the API returns a conflict instead of guessing.
Outbound media sends currently support image attachments up to 25 MB. Archived inbound media is read through short-lived signed URLs.
GET /api/live/stream opens an authenticated Server-Sent Events stream for durable refresh hints. Clients should still refetch the source endpoint after an event.
400Invalid request body, query value, idempotency key, or send target.
401Missing, expired, invalid, or unconfigured bearer token.
403Authenticated user does not have the required workspace, role, or line permission.
404The scoped organization resource was not found or is not visible to the caller.
409Conflict, duplicate setup, stale expectedVersion, or non-sendable line state.
501The deployment is missing a required source-of-truth service for that endpoint.
EZW v1 is a support inbox and owner-control API for teams using their existing WhatsApp numbers. It does not expose campaign broadcasts, cold outbound lists, or a chatbot-first automation surface.
Request integration access