Skip to main content

Get Credentials

curl https://your-domain.com/api/get-credentials.php
Retrieves all API credentials with sensitive values masked.

Response

success
boolean
required
Indicates if credentials were retrieved successfully
whatsapp
object
WhatsApp Business API credentials
phone_number_id
string
WhatsApp phone number ID (visible)
access_token
string
API access token (masked as ••••••••)
app_secret
string
App secret for webhook validation (masked)
verify_token
string
Webhook verification token (visible)
has_credentials
boolean
Whether complete WhatsApp credentials are configured
openai
object
OpenAI API credentials
api_key
string
OpenAI API key (masked as ••••••••)
model
string
GPT model name (e.g., "gpt-4o", "gpt-3.5-turbo")
embedding_model
string
Embedding model for RAG (e.g., "text-embedding-3-small")
has_credentials
boolean
Whether OpenAI credentials are configured
google
object
Google OAuth credentials for Calendar API
client_id
string
Google OAuth client ID (visible)
client_secret
string
OAuth client secret (masked)
access_token
string
OAuth access token (masked)
refresh_token
string
OAuth refresh token (masked)
calendar_id
string
Google Calendar ID (visible)
has_credentials
boolean
Whether complete Google credentials are configured

Success Response Example

{
  "success": true,
  "whatsapp": {
    "phone_number_id": "123456789",
    "access_token": "••••••••",
    "app_secret": "••••••••",
    "verify_token": "my_verify_token",
    "has_credentials": true
  },
  "openai": {
    "api_key": "••••••••",
    "model": "gpt-4o",
    "embedding_model": "text-embedding-3-small",
    "has_credentials": true
  },
  "google": {
    "client_id": "123456789.apps.googleusercontent.com",
    "client_secret": "••••••••",
    "access_token": "••••••••",
    "refresh_token": "••••••••",
    "calendar_id": "primary",
    "has_credentials": true
  }
}

Save Credentials

curl -X POST https://your-domain.com/api/save-credentials.php \
  -H "Content-Type: application/json" \
  -d '{
    "service": "openai",
    "api_key": "sk-proj-...",
    "model": "gpt-4o",
    "embedding_model": "text-embedding-3-small"
  }'
Saves encrypted credentials for a specific service.

Request

service
string
required
Service to configure: "whatsapp", "openai", or "google"

WhatsApp Parameters

phone_number_id
string
WhatsApp Business phone number ID
access_token
string
WhatsApp API access token (will be encrypted)
app_secret
string
App secret for webhook validation (will be encrypted)
verify_token
string
Webhook verification token

OpenAI Parameters

api_key
string
OpenAI API key (will be encrypted)
model
string
GPT model name (e.g., "gpt-4o")
embedding_model
string
Embedding model for RAG (e.g., "text-embedding-3-small")

Google Parameters

client_id
string
Google OAuth client ID
client_secret
string
OAuth client secret (will be encrypted)
access_token
string
OAuth access token (will be encrypted)
refresh_token
string
OAuth refresh token (will be encrypted)
calendar_id
string
Google Calendar ID to use

Response

success
boolean
required
Indicates if credentials were saved successfully
message
string
Confirmation message
error
string
Error description (only present on failure)

Examples

{
  "service": "whatsapp",
  "phone_number_id": "123456789",
  "access_token": "EAAxxxx...",
  "app_secret": "abc123...",
  "verify_token": "my_verify_token"
}

Success Response

{
  "success": true,
  "message": "Credenciales guardadas exitosamente"
}

Error Responses

Invalid Service
{
  "error": "Invalid service. Use: whatsapp, openai, or google"
}
Missing Service Field
{
  "error": "Invalid input. \"service\" field required."
}

Error Handling

Status CodeDescription
200Credentials saved successfully
400Invalid input or service
405Method not allowed (GET/POST required)
500Internal server error

Security

All sensitive credentials (tokens, secrets, API keys) are encrypted using AES-256-CBC before storage. The encryption key should be configured in your environment.
Source implementation:
  • GET: api/get-credentials.php:12-47
  • POST: api/save-credentials.php:28-65
  • Encryption: Uses App\Services\EncryptionService and App\Services\CredentialService

Build docs developers (and LLMs) love

Get started for freeTalk to us