Skip to content

API reference

Dial Dozer exposes seven key-authenticated operations plus public booking, Dynamic Number Insertion (DNI), provider ingress, and signed outbound webhooks.

OperationMethod and pathScopeLimit
Create or deduplicate a leadPOST /hooks/lead_intake.phpleads:write120/hour/key
Get a leadGET /hooks/api_v1.php?r=leads/{lead_id}leads:read300/hour/key*
Get a conversationGET /hooks/api_v1.php?r=conversations/{lead_id}conversations:read300/hour/key*
Send a message or notePOST /hooks/api_v1.php?r=messagesmessages:write300/hour/key*
Queue a CTI dialPOST /hooks/api_v1.php?r=cti/dialcti300/hour/key*
Look up a callerGET /hooks/api_v1.php?r=cti/lookup&phone=...cti300/hour/key*
Ingest KPI pointsPOST /hooks/kpi_ingest.phpmetrics:write600/hour/key

* All key-authenticated endpoint families currently increment the same per-key/hour counter. Each endpoint then applies its own threshold (120, 300, or 600), so traffic to one family can exhaust a stricter family. The five api_v1.php operations also share the 300 threshold.

Use X-Api-Key for authentication. A JSON/form api_key field also works, but headers avoid leaking credentials into payload logs.

Terminal window
curl --fail-with-body \
-H "X-Api-Key: $DIALDOZER_API_KEY" \
"https://app.dialdozer.com/hooks/api_v1.php?r=leads/12345"

The API is query-routed PHP, not a rewritten /v1/... REST surface. IDs are numeric. Tenant-bound keys can only address leads in campaigns mapped to their organization; platform-global keys are not tenant-restricted. Pagination is not currently exposed: conversation reads return at most the latest 200 merged entries.