SMS API
The API sends whatever you tell it. Registration, consent gating, and suppression checks are application-layer duties the provider cannot do for you.
SMS APIs reduce texting to an HTTP request, which is precisely why they concentrate compliance risk: the same loop that notifies 50 users can blast 50,000, and the API will not stop you.
What the API provider enforces: 10DLC registration before US sending (error 30034 otherwise), STOP keyword interception (usually automatic), and content filtering at the carrier edge. What it cannot enforce: whether your application's recipients consented, whether your message content matches the registered use case, and whether your application checks the suppression state before each send.
Developer checklist: gate every send on a consent check against your system of record, subscribe to opt-out webhooks and propagate them, store consent evidence outside the application database, and keep transactional and marketing traffic on correctly registered campaigns.
Frequently asked questions
Related glossary terms
10DLC (10-Digit Long Code) is the US carrier-mandated framework for sending Application-to-Person SMS from local 10-digit numbers, requiring brand and campaign registration with The Campaign Registry.
A Campaign Service Provider (CSP) is the registered intermediary — Twilio, Bandwidth, Sinch, LeadConnector — that submits 10DLC brand and campaign registrations to The Campaign Registry on behalf of businesses.
A suppression list is the registry of phone numbers that have revoked consent. Senders must check this list before every outbound send to remain TCPA-compliant.