401 Unauthorized
- Confirm the header is present:
Authorization: Bearer ... - Confirm the key is valid and not expired/rotated
- Make sure you're using the correct environment's key
403 Forbidden
This usually means the key is valid but missing the required scope.
- Check the endpoint docs for "Required scope"
- Use a different key or create a key with the missing permission
Webhooks not arriving
- Confirm the webhook is enabled
- Confirm your endpoint returns
2xxquickly (don't do heavy work inline) - Check signature verification and secret rotation
Debug with request IDs
When debugging a missing/failed delivery, capture X-Request-ID from the originating API call and correlate it in logs.
Duplicate sends
If you retry POST /v1/transmissions without idempotency, you can create duplicates.
-
Always send an
Idempotency-Key -
On retry, reuse the same key
-
Read more: Idempotency