Postman & PHP cURL Quick Start
Gunakan Admin API Key untuk mengelola device, lalu gunakan Session Token untuk kirim pesan dari aplikasi Anda. Ganti base URL jika domain production berbeda.
Dashboard
Siap
0
Total Device
0
Online
Daftar Device
QR Device
Belum dipilih
Pilih device atau tambah device baru.
Device online
QR tidak diperlukan lagi untuk device ini.
Device
Kirim Pesan
ReadyDaftar Kontak
History Pesan
POST
Postman Quick Start - Kirim Pesan
Pakai Session Token dari device untuk kirim pesan langsung via Postman. Token bisa disalin dari tombol Token pada daftar device.
Method
POST
URL
https://mbmsender.com/messages/text
Auth
Bearer Token: SESSION_TOKEN
Headers:
Content-Type: application/json
Body > raw > JSON:
{
"to": "0812-3456-7890",
"message": "Halo dari Postman"
}
Response sukses:
{
"ok": true,
"data": {
"sessionId": "SESSION_ID",
"toNumber": "6281234567890",
"to": "6281234567890@s.whatsapp.net",
"messageId": "MESSAGE_ID"
}
}
GET
Cek Status Koneksi Dengan Session Token
Gunakan endpoint ini untuk mengecek apakah device pelanggan sudah online. Endpoint ini memakai Session Token, bukan Admin API Key.
Method:
GET
URL:
https://mbmsender.com/status
Authorization:
Bearer Token: SESSION_TOKEN
Response sukses:
{
"ok": true,
"data": {
"deviceName": "XL",
"phoneNumber": "6281932699200",
"status": "open"
}
}<?php
$baseUrl = 'https://mbmsender.com';
$sessionToken = 'SESSION_TOKEN';
$ch = curl_init($baseUrl . '/status');
curl_setopt_array($ch, [
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => [
'Authorization: Bearer ' . $sessionToken
]
]);
$response = curl_exec($ch);
curl_close($ch);
print_r(json_decode($response, true));
POST
Postman Via Admin Endpoint
Untuk sistem internal, pilih device dengan sessionId
dan gunakan Admin API Key.
Method:
POST
URL:
https://mbmsender.com/sessions/SESSION_ID/messages/text
Authorization:
Bearer Token: ADMIN_API_KEY
Headers:
Content-Type: application/json
Body > raw > JSON:
{
"to": "6281234567890",
"message": "Halo dari Postman admin endpoint"
}
POST
Create Session
Membuat device baru dan mendapatkan sessionId serta token awal.
<?php
$baseUrl = 'https://mbmsender.com';
$adminKey = 'ADMIN_API_KEY';
$payload = [
'name' => 'Customer A'
];
$ch = curl_init($baseUrl . '/sessions');
curl_setopt_array($ch, [
CURLOPT_RETURNTRANSFER => true,
CURLOPT_POST => true,
CURLOPT_HTTPHEADER => [
'Authorization: Bearer ' . $adminKey,
'Content-Type: application/json'
],
CURLOPT_POSTFIELDS => json_encode($payload)
]);
$response = curl_exec($ch);
$error = curl_error($ch);
curl_close($ch);
if ($error) {
throw new Exception($error);
}
$result = json_decode($response, true);
print_r($result);
POST
Connect Device Jika Status Belum Open
Jalankan endpoint ini ketika status device bukan open,
misalnya created, closed,
logged_out, atau failed. Setelah connect,
ambil QR lalu scan dari WhatsApp jika device belum tertaut.
SESSION_ID harus berupa UUID dari response
GET /sessions atau POST /sessions,
bukan session token atau Admin API Key.
Method:
POST
URL:
https://mbmsender.com/sessions/89f986c6-b11a-4c10-9ca5-213bdbd6a33d/connect
Authorization:
Bearer Token: ADMIN_API_KEY
Headers:
Content-Type: application/json
Body:
Tidak perlu body
Response sukses:
{
"ok": true,
"data": {
"sessionId": "89f986c6-b11a-4c10-9ca5-213bdbd6a33d",
"name": "XL",
"status": "connecting"
}
}<?php
$baseUrl = 'https://mbmsender.com';
$adminKey = 'ADMIN_API_KEY';
$sessionId = '89f986c6-b11a-4c10-9ca5-213bdbd6a33d';
$ch = curl_init($baseUrl . '/sessions/' . $sessionId . '/connect');
curl_setopt_array($ch, [
CURLOPT_RETURNTRANSFER => true,
CURLOPT_POST => true,
CURLOPT_HTTPHEADER => [
'Authorization: Bearer ' . $adminKey,
'Content-Type: application/json'
]
]);
$response = curl_exec($ch);
curl_close($ch);
print_r(json_decode($response, true));
GET
Ambil QR Device
Ambil QR mentah untuk dirender sendiri, atau gunakan endpoint SVG untuk testing.
<?php
$baseUrl = 'https://mbmsender.com';
$adminKey = 'ADMIN_API_KEY';
$sessionId = 'SESSION_ID';
$ch = curl_init($baseUrl . '/sessions/' . $sessionId . '/qr');
curl_setopt_array($ch, [
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => [
'Authorization: Bearer ' . $adminKey
]
]);
$response = curl_exec($ch);
curl_close($ch);
$result = json_decode($response, true);
$qrPayload = $result['data']['qr'] ?? null;
POST
Kirim Pesan Dengan Session Token
Nomor tujuan otomatis dibersihkan. Contoh 08 12-3456-7890
akan dikirim sebagai 6281234567890.
Nomor kosong dan nomor yang sama dengan device pengirim akan ditolak
sebelum proses kirim dijalankan.
<?php
$baseUrl = 'https://mbmsender.com';
$sessionToken = 'SESSION_TOKEN';
$payload = [
'to' => '08 12-3456-7890',
'message' => 'Halo dari PHP cURL'
];
$ch = curl_init($baseUrl . '/messages/text');
curl_setopt_array($ch, [
CURLOPT_RETURNTRANSFER => true,
CURLOPT_POST => true,
CURLOPT_HTTPHEADER => [
'Authorization: Bearer ' . $sessionToken,
'Content-Type: application/json'
],
CURLOPT_POSTFIELDS => json_encode($payload)
]);
$response = curl_exec($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
$result = json_decode($response, true);
if ($httpCode >= 400) {
throw new Exception($result['error'] ?? 'Request gagal');
}
echo 'Message ID: ' . ($result['data']['messageId'] ?? '-');
POST
Kirim Pesan Via Admin Endpoint
Alternatif untuk sistem internal yang sudah memegang Admin API Key.
<?php
$baseUrl = 'https://mbmsender.com';
$adminKey = 'ADMIN_API_KEY';
$sessionId = 'SESSION_ID';
$payload = [
'to' => '6281234567890',
'message' => 'Halo dari endpoint admin'
];
$ch = curl_init($baseUrl . '/sessions/' . $sessionId . '/messages/text');
curl_setopt_array($ch, [
CURLOPT_RETURNTRANSFER => true,
CURLOPT_POST => true,
CURLOPT_HTTPHEADER => [
'Authorization: Bearer ' . $adminKey,
'Content-Type: application/json'
],
CURLOPT_POSTFIELDS => json_encode($payload)
]);
$response = curl_exec($ch);
curl_close($ch);
print_r(json_decode($response, true));
POST
Simpan Kontak
Ambil dan simpan kontak untuk dipilih dari halaman Kirim Pesan.
<?php
$baseUrl = 'https://mbmsender.com';
$adminKey = 'ADMIN_API_KEY';
$payload = [
'name' => 'Customer A',
'phoneNumber' => '08 12-3456-7890'
];
$ch = curl_init($baseUrl . '/contacts');
curl_setopt_array($ch, [
CURLOPT_RETURNTRANSFER => true,
CURLOPT_POST => true,
CURLOPT_HTTPHEADER => [
'Authorization: Bearer ' . $adminKey,
'Content-Type: application/json'
],
CURLOPT_POSTFIELDS => json_encode($payload)
]);
$response = curl_exec($ch);
curl_close($ch);
print_r(json_decode($response, true));
GET
History Pengiriman Dengan Postman
Ambil riwayat pesan sesuai device tertentu memakai filter
sessionId. Parameter status bersifat
opsional dan dapat diisi sent atau failed.
Method:
GET
URL:
https://mbmsender.com/messages/history?sessionId=SESSION_ID&status=sent&limit=50
Authorization:
Bearer Token: ADMIN_API_KEY
Query Params:
sessionId = SESSION_ID
status = sent
limit = 50
Response sukses:
{
"ok": true,
"data": [
{
"id": 1,
"sessionId": "SESSION_ID",
"sessionName": "XL",
"sourcePhoneJid": "6281932699200:4@s.whatsapp.net",
"toNumber": "6281234567890",
"toJid": "6281234567890@s.whatsapp.net",
"message": "Halo",
"messageId": "MESSAGE_ID",
"status": "sent",
"errorMessage": null,
"createdAt": "2026-05-25T00:00:00.000Z"
}
]
}
GET
History Pengiriman Via PHP cURL
Ambil riwayat pesan terbaru berdasarkan device, status, dan batas jumlah data.
<?php
$baseUrl = 'https://mbmsender.com';
$adminKey = 'ADMIN_API_KEY';
$sessionId = 'SESSION_ID';
$query = http_build_query([
'sessionId' => $sessionId,
'limit' => 50,
'status' => 'sent'
]);
$ch = curl_init($baseUrl . '/messages/history?' . $query);
curl_setopt_array($ch, [
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => [
'Authorization: Bearer ' . $adminKey
]
]);
$response = curl_exec($ch);
curl_close($ch);
$history = json_decode($response, true);
print_r($history);
DELETE
Hapus History Sesuai Filter
Hapus semua riwayat pesan yang cocok dengan filter session dan status.
<?php
$baseUrl = 'https://mbmsender.com';
$adminKey = 'ADMIN_API_KEY';
$query = http_build_query([
'sessionId' => 'SESSION_ID',
'status' => 'failed'
]);
$ch = curl_init($baseUrl . '/messages/history?' . $query);
curl_setopt_array($ch, [
CURLOPT_RETURNTRANSFER => true,
CURLOPT_CUSTOMREQUEST => 'DELETE',
CURLOPT_HTTPHEADER => [
'Authorization: Bearer ' . $adminKey
]
]);
$response = curl_exec($ch);
curl_close($ch);
print_r(json_decode($response, true));