Skip to main content
Acepeak
Developers

Build calling, messaging, and AI on the Acepeak api.

REST endpoints, real-time webhooks, and first-class SDKs. Authenticate the api with a bearer access token and send your first request in under five minutes.

Get an access token·View Pricing
place-call.sh
# Place a call from a US number
curl -X POST https://endpoints.acepeak.com/v1/calls \
  -H "Authorization: Bearer $ACEPEAK_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"from":"+18005551212",
       "to":"+14155551212",
       "answer_url":"https://your.app/answer"}'
Five minutes to your first call

Quickstart.

  1. 01step

    Get an access token

    Sign in to the Acepeak dashboard, open Developers → Tokens, and create a new bearer token. Tokens are scoped per environment (sandbox or live) and rotatable from the dashboard at any time.

    Heads up — keep live tokens server-side. Anything that touches a browser should go through your backend.

  2. 02step

    Authenticate

    Every request uses bearer-token auth in the Authorization header.

    Authorization: Bearer YOUR_ACEPEAK_TOKEN
  3. 03step

    Send your first request

    Place a call, send an SMS, or list your numbers — pick whichever fits your use case. You should see a JSON list of your phone numbers. From there, you can place calls, send SMS, set up webhooks, and start building.

    curl https://endpoints.acepeak.com/v1/numbers \
  -H "Authorization: Bearer $ACEPEAK_TOKEN"
What you can build

Every capability in the platform is exposed via REST.

Voice calls

Place outbound calls, control inbound calls, transfer, conference, record, transcribe. Programmable answer-URL flows, in-call DTMF capture, real-time streaming.

/v1/calls/v1/conferences/v1/recordings

Messaging (SMS & MMS)

Send and receive on US 10DLC, toll-free, and short-code numbers. Two-way, delivery receipts, opt-out compliance, concatenated long messages.

/v1/messages/v1/messages/inbound

Phone numbers

Search, buy, port, and release. Local US, toll-free, and international DIDs across 60+ countries.

/v1/numbers/v1/numbers/available/v1/numbers/port-orders

Users & Teams

Provision users, assign roles, manage teams, configure SSO. SCIM 2.0 for automated lifecycle management with your IdP.

/v1/users/v1/teams/v1/sso

Webhooks

Real-time delivery of call, message, and recording events to your endpoint. HMAC-SHA256 signed, retried with exponential backoff for 24h.

/v1/webhooks/v1/webhooks/{id}/events

AI surfaces

Trigger the AI Receptionist, pull transcripts, fetch sentiment scores per call or per chat.

/v1/ai/receptionist/v1/ai/transcripts/v1/ai/sentiment
Authentication

Ways to authenticate.

Access token auth

Recommended for backend services. Bearer token sent in every request. Tokens are scoped per environment, rotatable from the dashboard, and tied to a specific role for least-privilege access.

Authorization: Bearer YOUR_ACEPEAK_TOKEN

OAuth 2.0

For partner apps and marketplace integrations. Authorization Code grant with PKCE. Use this when your app acts on behalf of a customer rather than your own account.

  • Authorization Code + PKCE
  • Refresh tokens · 30-day default
  • Per-customer scoping
Rate limits & errors

Predictable, documented, and never silent.

Rate limits

Default: 100 r/s per access token. Bursts up to 200 r/s for short windows. When exceeded, the platform returns 429 with a Retry-After header.

Idempotency

Mutating requests support an Idempotency-Keyheader. Use it on POST, PUT, and DELETE requests so retries don’t double-charge or double-send.

Error codes

  • 400Bad requestValidation failed
  • 401UnauthorizedInvalid or missing access token
  • 403ForbiddenToken doesn't have scope
  • 404Not foundResource not found
  • 409ConflictIdempotency or state mismatch
  • 429Rate limitedSlow down — Retry-After provided
  • 5xxServer-sideRetry with exponential backoff
Webhooks

Real-time events delivered to your endpoint.

Subscribe an HTTPS endpoint to call, message, and recording events. Webhooks are signed with HMAC-SHA256 — verify the signature before processing. Failed deliveries are retried with exponential backoff for up to 24 hours. You can replay any event from the dashboard.

POST · /your-webhookSigned
{
  "id": "evt_01HW3...",
  "type": "call.completed",
  "created_at": "2026-04-30T10:42:00Z",
  "data": {
    "call_id": "CA_01HW...",
    "duration_sec": 184
  }
}
HMAC-SHA256 signed · replay-safe
24h exponential-backoff retries
Replay any event from the dashboard
Filter by event type · per endpoint
SDKs

First-class libraries, mirror-mapped to REST.

GitHub·OpenAPI 3.1
Node.jsnpm install @acepeak/sdkInstall
Pythonpip install acepeakInstall
PHPcomposer require acepeak/sdkInstall
Gogo get github.com/acepeak/acepeak-goInstall
Rubygem install acepeakInstall
MIT licensed · same release cadence as the platformPostman →
Versioning

Stable URLs. Predictable upgrades.

Interface versions are pinned in the URL (/v1/). Breaking changes ship behind a new major version. Non-breaking additions arrive on the same version with a release note in the developer changelog.

Deprecation policy

Features stay live for 12 months after a deprecation notice. We email every team with an active access token at 90, 30, and 7 daysbefore the cutoff — no surprises in production.

Ready to start building?

Contact Us View Pricing
FAQ

Questions, answered.

It is a REST interface plus signed webhooks that exposes voice calling, SMS / MMS, phone numbers, users, and AI surfaces. Authenticate with a bearer access token, hit the documented endpoints, and ship in minutes.

REST · webhooks · SDKs

Build on the api, ship the same day.

24/7 support included. Numbers ported from any carrier worldwide.

devs.acepeak.com·github.com/acepeak·devs@acepeak.com
Contact Us View Pricing
24/7 support60+ countriesSOC 2 IISandbox console
Last updated: May 2026
Contact Us View Pricing