Platform API

Prepare to use API

Our Chat Platform API allows you to directly work with data resources related to your Sendbird application’s chat activities. The Chat API uses standard HTTP protocols where JSON payloads will be returned in response to the HTTP requests. It is internally implemented based on the RESTful principles. While the native SDKs handle many of the requests and responses at the client side, the Chat API adds flexibility and functionalities to your service from the server side.

Note: The Chat API is not designed for client side use. Use the corresponding Chat SDKs instead.

Base URL

The base URL used for the Chat API is formatted as shown below:


To get the ID and the allocated base URL of your Sendbird application, sign in to your dashboard, select the application, go to the Settings > Application > General, and then check the Application ID, API request URL.


A typical HTTP request to the Chat API includes the following headers:

Content-Type: application/json; charset=utf8
Api-Token: {master_api_token or secondary_api_token}
  • Content-Type: every request must include a Content-Type header.
  • Api-Token: either the master API token or a secondary API token is required for Sendbird server to authenticate your API requests. An exception occurs when you attempt to perform certain actions outside the scope of the current application such as creating a new application, or retrieving a list of Sendbird applications, in which case you should provide Basic Authentication.

Multipart requests

If your request contains a file, you should send a Multipart request. To make that request, specify multipart/form-data in the Content-Type header, as well as a boundary, which is a delimiter string that separates each data field.

Content-Type: multipart/form-data; boundary={your_unique_boundary_string}

Content-Disposition: form-data; name="property1"

Content-Disposition: form-data; name="property2"

Content-Disposition: form-data; name="property3"; filename="{file_name}"
Content-Type: {Content-Type}

[binary contents of the file]
# python: Create User API
import os
import requests
api_headers = {'Api-Token': '{master_api_token or secondary_api_token}'}
data = {
    'user_id': '{user_id}',
    'nickname': '{nickname}',
    'issue_access_token': True
filepath = os.path.join(os.path.dirname(__file__), FILE_PATH, '{file_name}')
upload_files = {'profile_file': ('{file_name}', open(filepath, 'rb'))}
res = requests.post('https://api-{application_id}.sendbird.com/v3/users',
        headers=api_headers, json=data, files=upload_files)


Using an API token

Your API requests must be authenticated by Sendbird server using any of the API tokens from your Sendbird application. For this, you can use the master API token in your dashboard under Settings > Application > General > API tokens, which is generated when an application has been created. The master API token can't be revoked or changed.

Using the master API token, you can generate a secondary API token, revoke a secondary API token, or retrieve a list of secondary API tokens. For most of the API requests, a secondary API token can be used instead of the master API token. As stated above, any one of the API tokens must be included in your HTTP request headers for authentication.

Note: Previously, our old Server API required the token to be included in the payload.

"Api-Token": {master_api_token or secondary_api_token}

DO NOT send any Chat API requests from your client app. If your API token information is leaked in the process of exchanging data, you could lose all your data by malicious API calls.

Using HTTP Basic authentication

Authenticate with HTTP Basic authentication when you want to delete or list all applications. In these scenarios, you can authenticate your request with your sign-in details instead of your API tokens. Generate a Basic Auth Header by inputting your sign-in email and password.

To manually create a basic auth header, follow the steps below:

  1. Combine your email and password with a single colon (:). For example, api@sendbird.com:1234
  2. Encode the resulting string using the RFC2045-MIME variant of Base64, no more than 76 characters per line. For example, type echo -n 'api@sendbird.com:1234' | base64 on the command line to encode.
  3. Prepend the authorization method Basic and a space to the encoded string, which is used as a value for an Authorization field. For example, Basic YXBpQHNlbmRiaXJkLmNvbToxMjM0
  4. Assign the resulting authorization information to the Authorization field in your HTTP header. For example, Authorization: Basic YXBpQHNlbmRiaXJkLmNvbToxMjM0

URL encoding

When sending requests over HTTP, you should encode URLs into a browser-readable format. URL encoding replaces unsafe non-ASCII characters with a % followed by hex digits to ensure readability.

In the following URL, the value of the user_id parameter should be urlencoded. For example, user_id@email.com is urlencoded to user_id%40email.com.

GET https://api-{application_id}.sendbird.com/v3/users/{user_id}

Note: If you want to know the ID and base URL of your application, sign in to your dashboard, select the application, go to the Settings > Application > General, and then check the Application ID, API request URL.

In most languages, you can encode URLs in a similar way as shown below.


It should return: bash api%40sendbird.com Your full request should look like the following. bash GET https://api-{application_id}.sendbird.com/v3/users/api%40sendbird.com