HTTP RECIPE

Generic Webhook Recipe

Any platform that can make an outbound HTTPS POST and receive an inbound HTTPS POST can integrate with Gravity SMS. This page is the canonical pattern that the Zapier, Make, and n8n guides all reference.

Prerequisites

A Gravity SMS API key — Authentication
A connected RingCentral account — Connecting RingCentral
Phone numbers in E.164 format (e.g. +14155551234)

Send an SMS

Configure your platform to make a POST request with these exact ingredients:

Ingredient	Value
Method	`POST`
URL	`https://smsgateway-api.onrender.com/v1/sms/send`
`Authorization` header	`Bearer YOUR_API_KEY`
`Content-Type` header	`application/json`
Body	JSON — see below

Body

JSON payload

{
  "to": "+15551234567",
  "from": "+15559876543",
  "body": "Hello from the integration"
}

to — recipient, E.164 format
from — one of your RingCentral SMS-enabled numbers, E.164 format
body — 1–1600 characters

Equivalent curl

curl

curl -X POST https://smsgateway-api.onrender.com/v1/sms/send \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "to": "+15551234567",
    "from": "+15559876543",
    "body": "Hello from the integration"
  }'

Response (202 Accepted)

Response

{
  "messageId": "msg_a1b2c3d4e5f6",
  "status": "queued"
}

The message is queued. Use GET /v1/sms/status/:messageId to poll status, or rely on inbound webhooks/WebSocket for delivery updates.

Receive inbound SMS

To receive inbound SMS in your platform, give Gravity SMS a URL on your platform that accepts a POST. We POST a JSON payload to that URL every time an inbound SMS arrives on one of your numbers.

In your platform, create a webhook trigger / catch hook / inbound HTTPS endpoint.
Copy the URL the platform gives you.
Paste it into your app's webhookUrl in the Gravity SMS dashboard, or via PUT /v1/apps/:appId.
Send a test SMS to one of your numbers from another phone. The platform should fire your workflow.

Inbound payload

Payload sent to your webhook URL

{
  "type": "sms_inbound",
  "messageId": "msg_a1b2c3d4e5f6",
  "from": "+15551234567",
  "to": "+15559876543",
  "body": "Reply text from your customer",
  "rcMessageId": "12345678",
  "tenantId": "tenant_abc123def456abcd",
  "timestamp": "2026-05-11T14:30:00.000Z",
  "receivingExtensionId": "12345678"
}

See the full Webhooks API reference for field details.

Verifying the payload is from us

Outbound webhooks are signed with HMAC-SHA256 using your app's webhookSecret. See Webhooks Guide for signature verification. Most no-code platforms don't verify signatures by default — that's usually fine for inbound SMS, but for sensitive workflows consider a tiny intermediate service that verifies and forwards.

Consent is your responsibility

Sending SMS to recipients who haven't given prior express consent is a TCPA violation in the US (and similar rules apply in CA, AU, UK, EU). "Trigger an SMS on every new row" patterns are a common way to accidentally violate this. Verify each recipient has opted in before your workflow sends.

Platform-specific guides

Power Automate — prebuilt connector (no HTTP needed)
Zapier — Webhooks by Zapier
Make — HTTP module + Webhooks trigger
n8n — HTTP Request node + Webhook node
Monday.com — native integration