Data Encryption in SMS
Learn how to secure SMS data with AES encryption
CPaaS supports feed-level data encryption to ensure secure data transmission and processing.
Note
Encryption can be enabled on specific feed IDs. To activate encryption, contact [email protected] and share the list of feed IDs where encryption is required.
Encryption Keys
CPaaS uses two keys for encryption:
- IV Key: Generated and managed by Netcore.
- AES Key: Provided by the customer.
AES Key Configuration Options
Customers can choose one of the following methods to configure the AES key:
- Share the AES key with Netcore: The customer can securely share the AES key with the Netcore support team. Netcore will configure the key against the specified feed IDs.
- Pass the AES key in the API request: Alternatively, the customer can include the AES key directly in the API call for each request.
API Payload Authentication
This feature is currently available for JSON API.
curl --location '<http://bulkpush.mytoday.com/BulkSms/v2/JsonSingleApi?feedid=392095'> \\
--header 'X-SSL: 2' \
--header 'X-SSLIV: 4czYKOaundJ4rSjo' \
--header 'X-AES-KEY: 6b6f74616b736170695f333836333939' \
--header 'Content-Type: text/plain' \
--data 'T4l08U9q7yUZr7H/I4h/cZyKTKgIXumC07bmI2Cz128my40HL0YmkCRBVA4e4e5cNpwNOb6FWVP5EEHqg9B8oWSKz7xg6uWxiVaZIlEZbA86qcFjThoH3VgEocewJw=='
Reference for unencrypted JSON Body for Data
{
"username": "<UNAME>",
"password": "<PASS>",
"mobile": "6299320904,7304817916",
"messages": "STN IS OK NC ALRT",
"senderid": "NETCRE",
"entityid": "1101734000000028857",
"templateid": "1107167637048047100",
"jobname": "TestJob",
"shortern": "1"
}
Parameters and Descriptions
| Location | Parameter Name | Type | Requirement | Description |
|---|---|---|---|---|
| Query | feedid | String | Required | Unique identifier assigned to the SMS feed. |
| Header | X-SSL | String (value = 2) | Required | Enables SSL-based encryption for the API request. |
| X-SSLIV | String | Conditionally Required | Initialization Vector (IV) key used for encryption. Required if X-AES-KEY is not passed. | |
| X-AES-KEY | String | Conditionally Required | AES encryption key provided by the customer. Required if X-SSLIV is not passed. | |
| JSON Body | username | String | Optional | API username. Required only when IP whitelisting is not enabled. |
| password | String | Optional | API password associated with the username. Required only when IP whitelisting is not enabled. | |
| jobname | String | Optional | Name of the SMS job for tracking and reporting. | |
| mobile | String | Required | Recipient mobile number in a valid format. | |
| messages | String | Required | SMS message content to be sent. | |
| async | String | Optional | Set to 1 to process the SMS request asynchronously. | |
| short | String | Optional | Set to 1 to enable URL shortening in the message. | |
| senderid | String | Optional | Sender ID displayed on the recipient’s device. | |
| entityid | String | Optional | DLT entity ID registered for the sender. | |
| templateid | String | Optional | DLT template ID associated with the message content. | |
| dlt_template_type | String | Optional | Template type as registered on the DLT platform. |
Sample Response Format
{
"status": "success",
"submittedAt": "2025-03-03 16:47:12",
"req_id": "63350558715"
}
Success Response Fields
| Field Name | Type | Description |
|---|---|---|
| status | String | Indicates the request status. Possible values are success or error. |
| submittedAt | String | Timestamp indicating when the request was submitted. |
| req_id | String | Unique identifier generated for the API request. |
Error Responses
Response Example: Authentication failure
{
"status" : "fail",
"submittedAt" : "2025-03-12 19:39:13",
"errors": [
{ "code" : "124",
"desc": "Authentication failure: Username/Password is invalid"
}
],
"req_id" : "-1"
}
Error Response Fields
| Field Name | Type | Description |
|---|---|---|
| status | String | Indicates the request status. Value is error. |
| submittedAt | String | Timestamp indicating when the request was submitted. |
| errors | Array | List of errors returned for the request. |
| errors[].code | String | Unique code representing the error type. |
| errors[].desc | String | Detailed description of the error. |
| req_id | String | Unique identifier generated for the API request. |
Important Point to Remember
Contact the Netcore support([email protected]) for help with the following requirements:
- Request the feed ID required to send SMS messages.
- Enable IP whitelisting for IP Validation.
- To obtain username and password for API Authentication.
- To pass AES key to Netcore team to enable encryption in transit.
Updated 1 day ago