hub WhatsApp Gateway
Sign In View Docs

On-Site Documentation

Node.js SDK Examples

Fetch and Express examples for WhatsApp Gateway customer integrations.

Download PDF Overview Quickstart Connect Instance Send Messages Receive Webhooks Responsible Messaging 3CX Overview 3CX Webhooks 3CX Call Events 3CX Troubleshooting n8n Integration Endpoint Map OpenAPI SDK Overview PHP Examples Node.js Examples Python Examples Postman Collection Troubleshooting

Node.js

Node.js SDK Examples

SDK examples are available now. Official package releases are being prepared.

Configuration

const baseUrl = 'https://evoapi.faisak.com';
const apiKey = 'wg_live_replace_with_your_key';

Send Support Message

const response = await fetch(`${baseUrl}/api/send-message`, {
  method: 'POST',
  headers: {
    Authorization: `Bearer ${apiKey}`,
    'Content-Type': 'application/json',
  },
  body: JSON.stringify({
    instance_id: 'demo-support-line',
    phone: '+9665XXXXXXX',
    message: 'Your support request has been updated.',
    message_purpose: 'support',
  }),
});

const json = await response.json();

Allowed purposes are transactional, operational, support, internal_team, and authentication. Do not use marketing, cold outreach, or bulk campaign purposes.

Handle Errors

if (!json.success) {
  const code = json.error || 'unknown_error';
  const message = json.message || 'Request failed.';

  // Common examples:
  // module_not_enabled, message_purpose_not_allowed,
  // recipient_suppressed, sending_throttled
  throw new Error(`${code}: ${message}`);
}

Verify Webhook Signature

import crypto from 'node:crypto';

function verifyWebhookSignature({ timestamp, rawBody, signature, secret }) {
  const expected =
    'sha256=' +
    crypto
      .createHmac('sha256', secret)
      .update(`${timestamp}.${rawBody}`)
      .digest('hex');

  return crypto.timingSafeEqual(Buffer.from(expected), Buffer.from(signature));
}

Express Webhook Receiver

import express from 'express';

const app = express();
const webhookSecret = 'replace_with_webhook_signing_secret';

app.post(
  '/webhooks/whatsapp-gateway',
  express.raw({ type: 'application/json' }),
  (req, res) => {
    const timestamp = req.header('X-WhatsApp-Gateway-Timestamp') || '';
    const signature = req.header('X-WhatsApp-Gateway-Signature') || '';
    const rawBody = req.body.toString('utf8');

    if (!verifyWebhookSignature({ timestamp, rawBody, signature, secret: webhookSecret })) {
      return res.status(401).send('Invalid signature');
    }

    const event = JSON.parse(rawBody);

    if (event.event === 'message.received') {
      // Handle event.from and event.message_text.
    }

    if (event.event === 'recipient.opted_out') {
      // Suppress event.from in your application.
    }

    return res.status(200).send('ok');
  }
);