Blacklist

Your team's opt-out list. Numbers on it are skipped by campaigns that set skip_blacklisted — keep it in sync with your own unsubscribe flows.

Endpoints live under /api/v1/ with a scoped mbs_ token or JWT. An entry can opt a number out of one sender (set sender_name) or out of everything your team sends (omit it).

Add a number

POST/api/v1/blacklist

Parameters

FieldTypeRequiredDescription
msisdnstringYesThe phone number, any accepted format (07…, 2547…, +2547…).
sender_namestringNoRestrict the opt-out to this sender ID only. Omit for a global opt-out across all your senders.
reasonstringNoFree-text note — e.g. "replied STOP", "complained via support".
curl -X POST https://api.mobilesasa.com/api/v1/blacklist \
  -H "Authorization: Bearer $MOBILESASA_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "msisdn": "0712345678",
    "sender_name": "DUKAPAY",
    "reason": "replied STOP"
  }'

View the list

GET/api/v1/blacklist
curl "https://api.mobilesasa.com/api/v1/blacklist?page=1&page_size=50" \
  -H "Authorization: Bearer $MOBILESASA_TOKEN"
Response — 200
{
  "success": true,
  "data": [
    {
      "uuid": "e7a21c04-…",
      "msisdn": "254712345678",
      "sender_name": "DUKAPAY",
      "reason": "replied STOP",
      "created_at": "2026-07-11T08:12:44Z"
    }
  ],
  "meta": { "page": 1, "page_size": 50, "total": 1 }
}

Remove an entry

DELETE/api/v1/blacklist/{uuid}

Removing an entry re-enables sends to that number. Use it when a customer opts back in.

curl -X DELETE "https://api.mobilesasa.com/api/v1/blacklist/e7a21c04-…" \
  -H "Authorization: Bearer $MOBILESASA_TOKEN"

Blacklist straight from a message

POST/api/v1/messages/{uuid}/blacklist

If you're looking at a sent message (say, one a customer complained about), this shortcut blacklists its recipient against that message's sender in one call — no need to re-derive the msisdn.

Honour STOP replies automatically

If you receive inbound traffic on a shortcode, watch for STOP-style keywords on your inbound webhook and add the sender to the blacklist immediately. Regulators take opt-out latency seriously.