Skip to main content

Welcome to the GoBlue API

The GoBlue API enables you to integrate iMessage automation into your applications and workflows. Our API is designed to be simple, reliable, and secure, allowing you to send personalized messages at scale while maintaining the personal touch of direct communication.

API Overview

REST Architecture

Simple HTTP-based REST API with JSON request/response format

Webhook-First Design

Optimized for real-time data ingestion via webhooks

Secure Authentication

API key-based authentication with form-specific endpoints

High Reliability

Built for enterprise-grade uptime and message delivery

Base URL

All API requests should be made to: 
https://api.goblue.app/v1

Authentication

GoBlue uses two authentication methods depending on the endpoint:

Form-Based Authentication (Webhooks)

For webhook endpoints, authentication is built into the URL structure: 
https://api.goblue.app/v1/forms/{form-id}/webhook
The form-id serves as both the endpoint identifier and authentication token.

API Key Authentication (Direct API Access)

For direct API access (like retrieving messages), use your API key: In URL path: 
https://api.goblue.app/v1/messages/{api-key}
In Authorization header: 
Authorization: Bearer {your-api-key}
Your API key can be found in the GoBlue app under Settings > API Access. Keep it secure and never expose it in client-side code.

Request Format

Content Type

All requests must use JSON format: 
Content-Type: application/json

Request Structure

{
  "phoneNumber": "+1234567890",
  "firstName": "John",
  "lastName": "Doe",
  "customField": "Custom data"
}

Required Fields

  • phoneNumber: Valid phone number in any standard format (required for all message-generating endpoints)

Optional Fields

  • firstName: Recipient’s first name
  • lastName: Recipient’s last name
  • Any custom fields: Defined in your GoBlue form configuration

Response Format

Success Response

{
  "status": "success",
  "message": "Message queued successfully",
  "data": {
    "messageId": "uuid",
    "queuePosition": 1
  }
}

Error Response

{
  "status": "error",
  "message": "Missing required field: phoneNumber",
  "code": "VALIDATION_ERROR",
  "details": {
    "field": "phoneNumber",
    "requirement": "Valid phone number required"
  }
}

HTTP Status Codes

The GoBlue API uses standard HTTP status codes:
  • 200 OK: Request succeeded
  • 201 Created: Resource created successfully
  • 400 Bad Request: Invalid request data or missing required fields
  • 401 Unauthorized: Invalid or missing authentication
  • 404 Not Found: Resource not found (invalid form ID)
  • 429 Too Many Requests: Rate limit exceeded
  • 500 Internal Server Error: Server-side error
  • 503 Service Unavailable: Service temporarily unavailable

Rate Limits

To ensure service stability, the GoBlue API implements rate limiting:

Webhook Endpoints

100 requests per minute per form

API Endpoints

1,000 requests per hour per API key

Message Sending

50 messages per minute per account

Burst Allowance

2x rate limit for short bursts (30 seconds)

Rate Limit Headers

Rate limit information is included in response headers: 
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 75
X-RateLimit-Reset: 1640995200

Handling Rate Limits

When you exceed rate limits, you’ll receive a 429 status code: 
{
  "status": "error",
  "message": "Rate limit exceeded. Please try again later.",
  "code": "RATE_LIMIT_EXCEEDED",
  "retryAfter": 60
}
Implement exponential backoff in your applications: 
async function sendWithBackoff(url, data, attempt = 1) {
  try {
    const response = await fetch(url, {
      method: 'POST',
      headers: { 'Content-Type': 'application/json' },
      body: JSON.stringify(data)
    });
    
    if (response.status === 429) {
      const retryAfter = response.headers.get('Retry-After') || Math.pow(2, attempt);
      await new Promise(resolve => setTimeout(resolve, retryAfter * 1000));
      return sendWithBackoff(url, data, attempt + 1);
    }
    
    return response;
  } catch (error) {
    if (attempt < 3) {
      await new Promise(resolve => setTimeout(resolve, Math.pow(2, attempt) * 1000));
      return sendWithBackoff(url, data, attempt + 1);
    }
    throw error;
  }
}

Error Handling

Error Codes

GoBlue uses specific error codes for different types of failures:
Cause: Invalid or missing required data Example: Missing phoneNumber field Action: Validate request data before sending
Cause: Invalid API key or form ID Example: Expired or incorrect authentication Action: Verify API credentials
Cause: Too many requests in time window Example: Sending more than 100 webhooks per minute Action: Implement rate limiting and retry logic
Cause: Target form has capturing disabled Example: Form configuration set to inactive Action: Enable capturing in form settings
Cause: Account message quota reached Example: Monthly message limit exceeded Action: Contact support to upgrade plan

Implementing Error Handling

async function handleGoBlueResponse(response) {
  const data = await response.json();
  
  if (!response.ok) {
    switch (data.code) {
      case 'VALIDATION_ERROR':
        throw new Error(`Invalid data: ${data.message}`);
      case 'AUTHENTICATION_ERROR':
        throw new Error('Authentication failed - check API key');
      case 'RATE_LIMIT_EXCEEDED':
        // Implement retry with exponential backoff
        throw new Error('Rate limited - retry after delay');
      case 'FORM_DISABLED':
        throw new Error('Form capturing is disabled');
      default:
        throw new Error(`API error: ${data.message}`);
    }
  }
  
  return data;
}

Data Types and Validation

Phone Numbers

Phone numbers are automatically normalized but should follow these guidelines: Accepted Formats:
  • +1234567890 (E.164 format - preferred)
  • (123) 456-7890
  • 123-456-7890
  • 123.456.7890
  • 1234567890
Validation Rules:
  • Must be valid mobile numbers capable of receiving SMS/iMessage
  • Country code is automatically added if missing (defaults to US +1)
  • Invalid numbers are rejected with validation errors

Text Fields

String Limits:
  • firstName/lastName: 50 characters max
  • Custom fields: 500 characters max
  • Message templates: 1600 characters max (SMS limit)
Character Encoding:
  • UTF-8 encoding supported
  • Emoji characters counted as multiple characters
  • Special characters preserved in message delivery

Date/Time Fields

When sending date/time data, use ISO 8601 format: 
{
  "appointmentTime": "2024-01-15T14:30:00Z",
  "createdAt": "2024-01-15T10:00:00-05:00"
}

Webhook Security

HTTPS Only

All webhook endpoints use HTTPS encryption:
  • Data is encrypted in transit
  • SSL/TLS certificates are automatically managed
  • HTTP requests are automatically redirected to HTTPS

Payload Validation

GoBlue validates all incoming webhook payloads:
  • JSON structure validation
  • Required field presence
  • Data type checking
  • Length limit enforcement

Request Logging

For security and debugging, GoBlue logs:
  • Request timestamps and IP addresses
  • Response status codes
  • Error conditions (without sensitive data)
  • Rate limiting events
While GoBlue logs requests for debugging, never include sensitive information like passwords, social security numbers, or payment data in webhook payloads.

SDK and Libraries

Official Libraries

Currently, GoBlue provides official support through:
  • REST API: Direct HTTP integration
  • Webhook endpoints: For real-time data ingestion
  • iOS Shortcuts: For message sending automation

Community Libraries

Community-maintained libraries are available for:
  • Node.js: NPM packages for webhook handling
  • Python: Flask/Django integration helpers
  • PHP: WordPress and Laravel plugins
  • Ruby: Rails integration gems

Building Your Own Integration

When building custom integrations:
1

Use HTTPS

Always use secure HTTPS connections for API calls
2

Implement Retry Logic

Handle network errors with exponential backoff
3

Validate Data

Validate phone numbers and required fields before sending
4

Monitor Rate Limits

Respect rate limits and implement proper backoff
5

Log Errors

Log API errors for debugging (without sensitive data)

Testing and Development

Sandbox Environment

GoBlue provides a testing approach:
  • Use your actual API key and forms
  • Send test data to your own phone number
  • Monitor message queue in the GoBlue app
  • Verify message content and delivery

Testing Tools

cURL Examples: 
# Test webhook endpoint
curl -X POST https://api.goblue.app/v1/forms/{form-id}/webhook \
  -H "Content-Type: application/json" \
  -d '{"firstName":"Test","phoneNumber":"+1234567890"}'

# Test message retrieval
curl https://api.goblue.app/v1/messages/{api-key}
Postman Collection: Import our Postman collection for interactive API testing (contact support for the latest collection).

Best Practices for Testing

Use Test Phone Numbers

Always test with your own phone number or dedicated test numbers

Start Small

Begin with single messages before implementing bulk operations

Monitor Logs

Watch API logs and response codes during development

Test Error Conditions

Verify your error handling with invalid data and missing fields

API Versioning

Current Version

The current API version is v1, specified in the URL path: 
https://api.goblue.app/v1/

Version Policy

  • Backward Compatibility: New features won’t break existing integrations
  • Deprecation Notice: 6 months notice before removing features
  • Version Support: Each version supported for minimum 2 years
  • Migration Guides: Provided for all major version changes

Version Headers

Include version information in requests for future compatibility: 
Accept: application/json
X-API-Version: v1

Support and Resources

API Documentation

Complete endpoint reference and examples

Integration Guides

Step-by-step integration tutorials

Status Page

Real-time API status and incident reports

Developer Support

Technical support for API integrations

Next Steps

Authentication Guide

Learn about API keys and security best practices

Webhook Reference

Complete webhook endpoint documentation

Message API

Access and manage your message queue

Integration Examples

Real-world integration examples and code samples