HonkIOHonk.IO

Everything you need to send SMS in Canada — compliantly

Honk.IO is a REST API purpose-built for Canadian legislation. CASL, DNCL, PIPEDA, and data residency are enforced at the infrastructure level — not bolted on.

SMS Sending

Outbound SMS

Send to any Canadian mobile number in E.164 format.

Inbound SMS

Receive inbound messages via webhook. Reply-to threading included.

Test mode

Validate messages without sending. Unlimited test messages.

Idempotency keys

Prevent duplicate sends with per-request idempotency headers.

Delivery receipts

Real-time status: queued → sent → delivered or failed.

Message history

Search and filter sent messages by date, number, or status.

Canadian Phone Numbers

Number search

Search available Canadian numbers by area code or province.

Instant provisioning

Provision a number via API in seconds. Active immediately.

Number release

Release numbers you no longer need. Billing stops immediately.

Canadian only

Only Canadian area codes accepted. All 60+ NPA codes validated.

Multi-number accounts

Provision as many numbers as your plan allows.

Short codes

Short code (5-6 digit) campaigns available on request.

CASL Consent Management

Consent tracking

Record express and implied consent with full audit trail.

Auto opt-out

STOP/STOPALL/UNSUBSCRIBE/QUIT/END/CANCEL keywords processed automatically.

Consent expiry

Implied consent auto-expires after 2 years per CASL §10(9).

DNCL checking

CRTC Do Not Call List checked before every telemarketing send.

HTTP 451 blocks

Non-compliant sends rejected with legally appropriate status code.

Right to erasure

Wipe all PII for a phone number via a single API call.

Webhooks & Delivery Receipts

Event subscriptions

Subscribe to: message.queued, message.sending, message.sent, message.delivered, message.failed, message.undelivered, message.received, opt_out.recorded, opt_out.reinstated.

HMAC signatures

Every webhook payload is signed with your account secret. Verify authenticity.

Retry logic

Failed webhook deliveries are retried with exponential backoff.

Multiple endpoints

Register multiple webhook URLs per event type.

Delivery logs

Inspect all webhook delivery attempts in your dashboard.

Test webhooks

Trigger test events from your dashboard.

Authentication & Security

API key types

Live keys (mk_live_...) and test keys (mk_test_...) per account.

Scoped keys

Issue send-only, read-only, or admin-scoped keys.

Key revocation

Rotate or revoke keys anytime without downtime.

Rate limiting

Per-account rate limits with sliding window algorithm.

Audit log

Every key action and compliance event is logged immutably.

Canadian data residency

All auth data stored in Canada. Never leaves Canadian jurisdiction.

Developer-First REST API

OpenAPI spec

Full OpenAPI 3.1 spec available for code generation.

Bilingual errors

All error messages returned in EN and FR (Accept-Language).

Structured errors

Consistent error format with code, message, and details fields.

Swagger UI

Interactive API explorer at /v1/docs (dev mode).

Idiomatic REST

Standard HTTP methods, status codes, and pagination.

curl-friendly

Designed to be simple enough to test with curl and a Bearer token.

Phone Number Verification (OTP)

OTP via SMS

Send a one-time code to any Canadian number. Configurable 4–8 digit length.

Check endpoint

Submit the code to confirm — returns verified status and attempts remaining.

Expiry & attempt limits

Codes expire after 10 minutes. Configurable max attempts before lockout.

Test mode support

In test mode the code is always zeros (e.g. 000000). No SMS sent.

Audit trail

All verification requests and outcomes logged immutably.

Simple two-step API

POST /verify to start, POST /verify/{id}/check to confirm. That’s it.

Start sending compliant SMS in Canada

No credit card required.

Create free account