API reference

What you'll achieve: Send leads to SwiftCRM from any server or frontend using the Lead API. Correct headers and body format.

Endpoint

POST https://www.swiftcrm.in/api/public/lead

Authentication: project API key. Pass it via one of:

All fields are optional, but send at least one of name, email, or phone for a useful lead.

Field	Type	Description
name	string	Max 255
email	string (email)	Max 255
phone	string	Max 50
attributes	object	Custom key-value data
source_url	string	Page URL (max 2048)
referrer	string	Referrer URL (max 2048)
utm	object	UTM params (e.g. utm_source, utm_medium)
page_trail	array of strings	Page view history

201 Created

{
  "code": "LEAD_CREATED",
  "message": "Lead captured.",
  "request_id": "req_...",
  "lead_id": 123
}

401 Unauthorized — Invalid or missing API key

{
  "code": "INVALID_API_KEY",
  "message": "Invalid or missing project API key.",
  "request_id": "..."
}

403 Forbidden — Domain not allowed

{
  "code": "DOMAIN_NOT_ALLOWED",
  "message": "Origin or Referer not in project allowlist.",
  "request_id": "..."
}

429 Too Many Requests — Monthly lead limit reached

{
  "code": "PLAN_LIMIT_REACHED",
  "message": "Monthly lead limit reached. Please upgrade.",
  "request_id": "..."
}

When you connect a WhatsApp Business number, Meta calls these endpoints automatically — you don't need to call them yourself.

Method	Path	Description
GET	`/api/whatsapp/webhook`	Meta challenge-response verification (one-time setup)
POST	`/api/whatsapp/webhook`	Receive incoming messages → create leads

Both require ?api_key=YOUR_PROJECT_API_KEY. The webhook URL and verify token are shown in Project → Settings → WhatsApp.

Infrastructure probes — no authentication required.

Endpoint	Description
`GET /api/health`	Returns `{"status":"ok"}` when the app process is running. Use for liveness probes.
`GET /api/ready`	Returns `{"status":"ready"}` only when DB and Redis are reachable. Use for readiness probes.

See Examples for curl, JavaScript, and PHP.