Skip to main content

Postman collection

A single file with every API group as a folder and six collection variables: baseUrl, jwt, clientToken, clientSecret, instanceId, and instanceToken (clientToken is both the POST /token body credential and the X-Client-Token header on instance routes; instanceToken is your X-Instance-Token). Download vzaps-public-api.en.postman_collection.json

What is documented

  • Public instance endpoints: create, list, cancel.
  • Public billing endpoints: subscription and resume subscription.
  • Public instance endpoints: session, webhook, messages, users, groups, contacts, and queues.

How to read instance endpoints

All instance endpoints share the public API prefix: 
/instances/{id}/...

Authentication

Obtain a JWT for integration with POST /token (account client_token and client_secret; see Obtain token in this section). The docs use per-endpoint securitySchemes to match real API behavior:
  • bearerAuth for JWT-authenticated flows;
  • instanceTokenHeader + clientTokenHeader for instance endpoints that accept tokens.
On many of these endpoints, access works with the owner JWT or with X-Instance-Token + X-Client-Token.

Important notes

  • PUT /instances/create is a public integration endpoint but still requires JWT.
  • POST /instances/list always uses JWT in this documentation.
  • POST /instances/{id}/subscribe follows the default direct API flow (default payment method on file).
  • PUT and DELETE on /instances/{id}/cancel cancel the instance via the public API.
  • Responses typically use the code, data, and success envelope.