SMS Channels (Custom SMS or other 3rd Party Providers)

Custom SMS Channels

Custom SMS channels lets you connect a third party SMS channel that Re:amaze does not support natively, as well as let you build your own SMS integration with Re:amaze.

How it works

When an SMS message is received, you will need to make a POST request to Re:amaze. Similarly, when a staff responds to an SMS, a request is made to the webhook URL defined when the SMS channel is created in Re:amaze.

Authentication

Each request going into and out of Re:amaze must include a X-Reamaze-Hmac-SHA256 header, which is the base64-encoded SHA256 HMAC hash generated using the channel's shared secret that's defined when the channel is created, along with the data sent in the request. This allows you to verify requests coming from Re:amaze as well as for Re:amaze to verify requests coming from you.

Here are some code examples on generating the SHA256 HMAC:

// PHP:
$data = '{"id":"1","body":"hello"}';
$shared_secret = 'your_shared_secret';
$calculated_hmac = base64_encode(hash_hmac('sha256', $data, $shared_secret, true));

// RUBY:
require 'base64'
require 'openssl'
SHARED_SECRET = 'your_shared_secret'
data = '{"id":"1","body":"hello"}'
calculated_hmac = Base64.strict_encode64(OpenSSL::HMAC.digest('sha256', SHARED_SECRET, data))

Here is a Ruby Sinatra example on verifying a request that comes from Re:amaze:

require 'rubygems'
require 'base64'
require 'openssl'
require 'sinatra'

# The channel's shared secret
SHARED_SECRET = 'my_shared_secret'

helpers do
  # Compare the computed HMAC digest based on the shared secret and the request contents
  # to the reported HMAC in the headers
  def verify_webhook(data, hmac_header)
    calculated_hmac = Base64.strict_encode64(OpenSSL::HMAC.digest('sha256', SHARED_SECRET, data))
    ActiveSupport::SecurityUtils.secure_compare(calculated_hmac, hmac_header)
  end
end

# Respond to HTTP POST requests sent to this web service
post '/' do
  request.body.rewind
  data = request.body.read
  verified = verify_webhook(data, env["HTTP_X_REAMAZE_HMAC_SHA256"])

  # Output 'true' or 'false'
  puts "Webhook verified: #{verified}"
end

Similarly, when sending an SMS to Re:amaze, here's how you would generate the request:

require 'rubygems'
require 'faraday'
require 'base64'
require 'openssl'

# The channel's shared secret
SHARED_SECRET = 'my_shared_secret'

connection = Faraday.new(url: 'https://www.reamaze.io/incoming/sms') do |faraday|
  faraday.request :json
  faraday.adapter Faraday.default_adapter
end 

response = connection.post do |req|
  data = {
    id: "sms-message-id", 
    direction: "outbound", # optional, defaults to 'inbound'
    to: {
      name: 'Support', # this is optional
      phone: '+16501234567' # if outbound direction, this is the customer number, otherwise this is the channel phone number
    },
    from: {
      name: 'Customer name',
      phone: '+15105559999' # if outbound direction, this is the channel phone number, otherwise this is the customer phone number
    },
    body: 'This is the SMS message body',
    attachments: [ # optional - list of attachment urls
      'https://www.example.com/image1.png'
    ],
    thread_id: 'sms-conversation-id-123',  # optional, but highly recommended - unique id identify the entire sms conversation. SMS messages with the same thread_id will be grouped in the same conversation inside Re:amaze. When left blank, the SMS will be attributed to the customer's most recent SMS conversation in Re:amaze that happened within the past hour.
    created_at: '2019-08-06T23:21:15+0000', # optional - iso8601 datetime of when SMS was created
    assignee: { # optional - when provided and if the email matches a staff email, the related conversation will be assigned to that staff user. Absence of this parameter will not unassign the conversation.
      email: "staffemail@example.com"
    }
  }.to_json

  digest = OpenSSL::Digest.new('sha256')
  calculated_hmac = Base64.encode64(OpenSSL::HMAC.digest(digest, SHARED_SECRET, data)).strip

  req.headers['X-Reamaze-Hmac-SHA256'] = calculated_hmac
  req.headers['Content-Type'] = 'application/json'
  req.body = body
end
Creating the SMS in Re:amaze

When an SMS is received by the SMS number, you'll need to send a POST request to https://www.reamaze.io/incoming/sms with the following data:

{
  "id": "sms-message-id",
  "direction": "inbound",
  "to": {
    "name": "Support",
    "phone": "+16501234567"
  },
  "from": {
    "name": "Customer name",
    "phone": "+15105559999"
  },
  "body": "This is the SMS message body",
  "attachments": [
    "https://www.example.com/image1.png"
  ],
  "thread_id": "sms-conversation-id-123",
  "created_at": "2019-08-06T23:21:15+0000",
  "assignee": {
    email: "staffemail@example.com"
  }
}

Re:amaze will then respond with a status code of 2xx if the request was successful. An status code of 5xx is a temporary failure and the request should be retried. A status code of 4xx usually means that the request does not parse and should not be retried before fixing the request parameters.

Receiving SMS from Re:amaze

Similarly, when a staff user responds to a customer SMS, a POST request is sent to the webhook url  defined in the channel settings with the following data:

{
  "to": {
    "name": "Support",
    "phone": "+16501234567"
  },
  "from": {
    "name": "Customer name",
    "phone": "+15105559999"
  },
  "body": "This is the SMS message body",
  "conversation": {
    "slug": "thread-slug",
  },
  "attachments": [
    "https://www.example.com/image1.png"
  ],
  "created_at": "2019-08-06T23:21:15+0000",
  "thread_id": "sms-conversation-id-123"
}

This request is sent synchronously when a staff submits a reply to an SMS conversation, and you should return a status code of 200 or 201 if and only if the SMS was actually sent on your end.

This request payload contains additional conversation meta data which contains the slug attribute to identify the conversation on the Re:amaze side. This identifier can be used as a hint for threading or used to pull additional information about this conversation from the Re:amaze API.

Note: This webhook is not called when you send a message to Re:amaze with direction = "outbound"

Help / Questions?

For questions regarding our custom channel integrations, contact us at support@reamaze.com or talk to us via our chat widget at https://www.reamaze.com