Configures Sinch API credentials and authentication. Use when setting up OAuth2, Basic auth, application signing, API keys, or SDK credentials for any Sinch product including Conversation API, Voice, Verification, Numbers, Fax, and Mailgun. Also use when troubleshooting 401 Unauthorized, 403 Forbidden, invalid signature, or credential errors against any Sinch API.
From sinch-claude-pluginnpx claudepluginhub sinch/sinch-plugins --plugin sinch-claude-pluginThis skill uses the workspace's default tool permissions.
references/sdk-init-dotnet.mdreferences/sdk-init-in-app-calling-android.mdreferences/sdk-init-in-app-calling-browser.mdreferences/sdk-init-in-app-calling-ios.mdreferences/sdk-init-java.mdreferences/sdk-init-node.mdreferences/sdk-init-python.mdGuides Next.js Cache Components and Partial Prerendering (PPR) with cacheComponents enabled. Implements 'use cache', cacheLife(), cacheTag(), revalidateTag(), static/dynamic optimization, and cache debugging.
Migrates code, prompts, and API calls from Claude Sonnet 4.0/4.5 or Opus 4.1 to Opus 4.5, updating model strings on Anthropic, AWS, GCP, Azure platforms.
Details PluginEval's skill quality evaluation: 3 layers (static, LLM judge), 10 dimensions, rubrics, formulas, anti-patterns, badges. Use to interpret scores, improve triggering, calibrate thresholds.
Cross-cutting skill that covers credential setup and authentication for all Sinch APIs. Determines the correct auth model, provides curl examples, SDK init code, and troubleshooting for common auth errors.
If the user hasn't specified which Sinch product they're integrating, ask first — the auth model depends on the product. Use the decision table in Step 1 to route to the correct credentials.
Determine which model applies based on the Sinch product:
| Auth Model | Products | Credentials Needed |
|---|---|---|
| Project-scoped (Basic or OAuth2) | Conversation API, Numbers, Fax, EST, 10DLC, Number Lookup, Provisioning | Project ID + Key ID + Key Secret |
| Application-scoped (Basic or Signed) | Voice API, Verification API, In-App Calling SDKs | Application Key + Application Secret |
| API key | Mailgun | API Key (username is literal api) |
Voice/Verification credentials are a separate credential set from project Access Keys (different dashboard pages and auth models). In multi-product SDK clients, you may provide both sets together, but do not substitute one set for the other.
Store Key Secrets securely — they are shown only once at creation.
Use Basic auth (simplest) — Key ID as username, Key Secret as password:
curl -u YOUR_KEY_ID:YOUR_KEY_SECRET \
https://numbers.api.sinch.com/v1/projects/{PROJECT_ID}/activeNumbers
Or use OAuth2 — exchange credentials for a bearer token:
curl -X POST https://auth.sinch.com/oauth2/token \
-d grant_type=client_credentials \
-u YOUR_KEY_ID:YOUR_KEY_SECRET
The response JSON contains an access_token field — this is the JWT to use as the bearer token:
{ "access_token": "eyJ...", "token_type": "bearer", "expires_in": 3600 }
Use it in subsequent requests: Authorization: Bearer {access_token} (expires in 3600s).
The token endpoint https://auth.sinch.com/oauth2/token works for all project-scoped APIs, including regional ones like Conversation and Template Management. Regional aliases (us.auth.sinch.com, eu.auth.sinch.com) also exist but are not required — the global URL issues tokens valid for any region.
Use Basic auth (prototyping) — Application Key as username, Application Secret as password:
curl -X POST -u YOUR_APP_KEY:YOUR_APP_SECRET \
https://calling.api.sinch.com/calling/v1/callouts
Or use HMAC Signed Requests (production) — see signing algorithm docs:
Verification API also supports Public Authentication (weak, client-side SDK only).
curl -s --user 'api:YOUR_MAILGUN_API_KEY' \
https://api.mailgun.net/v3/{DOMAIN}/messages
For SDK-specific init code, use the language-specific references:
If language is unknown, ask first. The SDKs handle token refresh automatically.
us.conversation.api.sinch.com, eu.conversation.api.sinch.com). The OAuth token endpoint, however, is always https://auth.sinch.com/oauth2/token.| Error | Cause | Fix |
|---|---|---|
401 Unauthorized on Conversation/Numbers API | Wrong credentials or expired token | Verify Key ID from Access Keys and use the Key Secret saved at creation time; if the secret was lost, create a new Access Key and re-request an OAuth2 token. Also inspect the WWW-Authenticate response header for details (for example, invalid token, expired token, or invalid client). |
401 Invalid Signature on Voice/Verification | Wrong Application Key/Secret or signing error | Verify app credentials from Voice > Apps; ensure HMAC signing matches the algorithm spec |
| OAuth2 token works for Numbers but fails for Conversation | Wrong API base URL region | Ensure the API base URL matches the app's region (e.g., eu.conversation.api.sinch.com for EU apps) |
403 Forbidden | Key doesn't have access to this project/product | Check Access Key scope in dashboard; ensure correct Project ID |
Dashboard links below require authentication and are intended for human operators. Agents should rely on public docs for procedural guidance and treat dashboard URLs as navigational references only.
Authenticated Console Links (human operators):
Public Documentation Links (agent-friendly):