Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.tracklysms.com/llms.txt

Use this file to discover all available pages before exploring further.

All Trackly SMS API requests require authentication using an API key. API keys are scoped to your account and can be created and managed from the dashboard. API keys follow the format trk_[32-char-alphanumeric] (e.g., trk_a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6).

Getting Your API Key

1

Navigate to API Keys

Log into the Trackly SMS Dashboard and go to Settings > API Keys
2

Create a New Key

Click Create API Key and give it a descriptive name (e.g., “Production API”, “Development”)
3

Copy Your Key

Copy the API key immediately - it won’t be shown again
Keep your API keys secure. Never commit them to version control or expose them in client-side code.

Using Your API Key

Include your API key in the X-Api-Key header with every request: 
curl -X POST https://api.tracklysms.com/api/v2/send \
  -H "X-Api-Key: trk_your_api_key_here" \
  -H "Content-Type: application/json" \
  -d '{"to": "+14155551234", "body": "Hello!", "list_number": "+18005551234"}'

Authentication Errors

If authentication fails, you’ll receive a 401 Unauthorized or 403 Forbidden response: 
{
  "error": "API key required",
  "code": "missing_api_key"
}
HTTP 401
Account suspension is enforced at request time, not at API key creation time. A suspended account whose API keys were active before suspension will start receiving 403 Account is suspended on every call immediately after the admin action, without waiting for any cache or token to expire.

Product Access Errors

Some endpoints are gated by per-account product entitlements. If your account isn’t enabled for a given product, requests to that product’s endpoints return 403 Forbidden with a {product}_not_enabled code: 
{
  "error": "EMAIL product not enabled for this account",
  "code": "email_not_enabled"
}
The code follows the pattern {product}_not_enabled (e.g. email_not_enabled, partnerships_not_enabled). To enable a product on your account, contact support@tracklysms.com. SMS sending endpoints are enabled for all active accounts by default and do not return this error.

API Key Best Practices

Use Environment Variables

Store API keys in environment variables, not in code

Rotate Regularly

Create new keys periodically and revoke old ones

Separate Environments

Use different keys for development and production

Monitor Usage

Check the “Last Used” timestamp to detect unauthorized use

Managing API Keys

From the API Keys page in the dashboard, you can:
ActionDescription
CreateGenerate a new API key with a custom name
ViewSee key name, creation date, and last used timestamp
DeletePermanently revoke a key (cannot be undone)
Deleting an API key immediately invalidates it. Any requests using that key will fail with a 401 error.

Linking Discord with API Keys

If you use our Discord integration, you can link your Discord account to your Trackly account using an API key: 
/sms link your_api_key_here
This allows you to:
  • View usage and balance from Discord
  • Create and manage support tickets
  • Receive real-time alerts
See Discord Integration for details.

Next Steps

V2 API Overview

Explore all v2 endpoints

Send First SMS

Send your first message