What if I dont want webhooks? Can I just poll?

Yes. GET /v1/numbers/{id}/messages returns up to 50 recent messages. Set since_iso to get only messages after a timestamp. Most agents poll every 2-3 seconds while waiting for a verification.

Can I receive SMS from short codes (5-digit numbers)?

Yes. Verification SMS from US banks, dating apps, crypto exchanges, and most apps sent via short codes arrive normally. This is one of the main reasons VoIP fails and real carrier numbers succeed.

Guide · SMS API

SMS API for chatbots and AI agents

Q: How fast does an SMS arrive at my webhook?

Median latency from SMS-receive to webhook-delivery is under 3 seconds. We retry failed webhook calls with exponential backoff (immediate, 15s, 60s, 300s) and store messages for 30 days so you can fetch them via polling if your webhook was down.

Your AI agent needs a phone number that can receive SMS verification codes from Cash App, Coinbase, Tinder, banking apps, or any 2FA flow. Twilio rejects most of them as VoIP. Here's how to wire up a chatbot or agent to receive real SMS through MeiSIM's webhook API.

Get an API key

5 free numbers. Webhook delivery in <3 seconds.

See the API →

The flow at a glance

Your agent calls POST /v1/numbers/provision with a webhook URL.
~60s later, your agent has a real US phone number (eSIM QR + ICCID + LPA returned in the response).
Agent uses the number to sign up on Cash App / Coinbase / etc.
The signup service sends a verification SMS to the number.
MeiSIM receives the SMS via the carrier's network (~1s).
MeiSIM POSTs the message to your webhook URL (~1-2s more).
Your agent reads the body, extracts the code, completes the signup.

Webhook contract

We POST a JSON body to your URL. You return HTTP 200 within 10 seconds to acknowledge. If you fail or time out, we retry with backoff (immediate, +15s, +60s, +300s — total 4 attempts over 6 min). Messages are also queryable via the messages endpoint for 30 days.

POST https://your-agent.com/sms Content-Type: application/json X-MeiSIM-Signature: t=1716...,v1=hmac-sha256-of-body { "event": "sms.received", "number_id": "num_01HXY3...", "phone": "+14155551234", "from": "245-78", "text": "Your Cash App code is 583921. Don't share.", "received_at": "2026-05-19T14:23:01Z" }

Polling fallback

If you'd rather poll than maintain a webhook endpoint (common for stateless agents), call:

GET /v1/numbers/{id}/messages?since=2026-05-19T14:22:00Z Authorization: Bearer YOUR_API_KEY → { "messages": [{ "from": "245-78", "text": "Your Cash App code is 583921", "received_at": "..." }, ...] }

Most agents poll every 2-3 seconds while waiting for a verification. Verification SMS typically arrives within 30 seconds; failed attempts take up to 5 minutes before retrying.

Extracting the OTP code

The SMS body varies by service but the code is always a 4-8 digit number. Most agents use a regex like /\b\d{4,8}\b/ to extract. For higher reliability, have the LLM read the text and return just the code — Claude or GPT-4o handle this in milliseconds.

Authentication and security

Every webhook POST is signed with HMAC-SHA256. Verify X-MeiSIM-Signature using your API secret to confirm the request actually came from us, not a spoofer. Code sample in API docs.

Build it tonight

API key + first 5 numbers free. Email us and we'll set you up.

Email →

FAQ

How fast does an SMS arrive at my webhook?

Median <3 seconds. Retry on failure with exponential backoff. Messages stored 30 days for polling fallback.

Can I just poll instead of webhook?

Yes. GET /v1/numbers/{id}/messages, optionally with since=ISO. Most agents poll every 2-3s during verification waits.

Can I receive from short codes (5-digit)?

Yes — that's the main reason to switch to real carrier numbers. Most bank/crypto/dating-app verification SMS comes from short codes, and VoIP blocks them.

What about MMS (with images)?

SMS only for now. MMS is on the roadmap.

Do you support multiple webhooks per number?

One webhook per number. For fan-out, route through your own dispatcher.