Authentication

API v4 uses a generated scoped API key sent as a Bearer token in the Authorization header. All requests use HTTPS.

Generate a scoped API key for v4

Before you can implement your integration, your administrator must create an API key in the API keys page in the

Unlike legacy integrations that may have relied on API keys embedded in request paths, v4 uses static API keys generated in the application and sent as Bearer tokens in the Authorization header.

When creating a key, admins can assign only the scopes required for the integration, which helps limit access to specific API domains and operations.

For example:

curl --request GET \
  --url https://api.voiso.com/api/v4/users \
  --header 'Authorization: Bearer YOUR_API_TOKEN' \
  --header 'Content-Type: application/json' \
  --header 'Accept: application/json'

Base URL

Your Base URL is based on your cluster ID:

https://<cluster_id>.voiso.com

Use this Base URL for all v4 endpoints.

Authentication method

API v4 uses HTTP Bearer authentication.

Include your contact center API key in the Authorization header:

Authorization: Bearer \<generated_api_key\>

Required headers

For most requests, include:

• Authorization: Bearer <generated_api_key>
• Content Type: application/json

Example request

This example retrieves a list of users:

curl -X GET "https://<cluster_id>.voiso.com/api/v4/users?limit=10&offset=0" \
  -H "Authorization: Bearer <generated_api_key>" \
  -H "Content-Type: application/json"

Keep your API key secure

• Treat the API key like a password.
• Store it in a secrets manager or secure environment variables.
• Do not commit it to source control or share it in tickets or logs.

Common authentication issues

If your API key is missing or invalid, most endpoints return an authentication error such as HTTP 401.

If your key is valid but does not have access to the requested resource, you may receive an authorization error such as HTTP 403.