Everything developers need to know about integrating SMS into Australian business applications. REST APIs, webhooks, and best practices.
Most Australian SMS APIs use API key + secret or Bearer token authentication. Twilio uses Account SID + Auth Token. Always store credentials in environment variables, never in code. Use HTTPS for all API calls.
Always send to E.164 format: +614XXXXXXXX for mobiles. Strip spaces, dashes, and leading zeros. Handle 04XX XXX XXX input format gracefully. Validate before sending โ invalid numbers cost money and hurt deliverability.
Set up delivery receipt webhooks to track message status. Handle "delivered," "failed," and "expired" statuses. Implement retry logic for webhook failures. Most providers support both push (webhook) and pull (polling) methods.
// Using fetch (Node.js / Browser)
const response = await fetch('https://api.provider.com.au/v1/sms', {
method: 'POST',
headers: {
'Authorization': 'Bearer YOUR_API_KEY',
'Content-Type': 'application/json'
},
body: JSON.stringify({
to: '+61412345678',
from: 'YourBrand',
body: 'Your appointment is confirmed for tomorrow at 2pm.'
})
});
const result = await response.json();
console.log(result.messageId); // Track this for delivery status
Most APIs allow 10-30 messages/second. For bulk sends, use batch endpoints or queue messages. Implement exponential backoff on 429 responses. Burst SMS and ClickSend offer bulk send endpoints for large campaigns.
Standard SMS is 160 characters (GSM-7 encoding). Unicode (emoji, non-Latin) reduces to 70 characters. Longer messages are split into segments of 153 characters each. Each segment costs one credit. Keep messages concise.
Twilio has the best documentation in the industry. Burst SMS and ClickSend have clean, well-documented REST APIs with Postman collections. All providers offer SDKs for Python, Node.js, PHP, and Ruby.
Dev Books โ