Key difference vs. Chat: Connect does not use the POST /v1/embed/sessions token. It uses the remote-pairing token that lives in the iframe URL (not in memory via postMessage), with a 24h TTL.
Flow
Backend creates the pairing link
provider: "META" for a Cloud API (Embedded Signup) pairing; brandingOverride is optional. The response includes remotePairingUrl (https://connect.pilotstatus.com.br/connect/<token>), maskedNumber, and messageSent. The token is the UUID at the end of the URL (TTL 24h). Forward only the token/URL to your frontend.
postMessage protocol (iframe → parent)
Connect never receives an init message; the token is already in the URL. The SDK only listens (validating origin === connect.pilotstatus.com.br and source === iframe.contentWindow):
| Message | Callback | Meaning |
|---|---|---|
| connect:paired {numberId?, redirectUrl?} | onPaired | number connected |
| connect:error {message} | onError | failure |
| connect:expired | onExpired | token/QR expired (24h) |
| resize {height} | - | SDK adjusts iframe height |
iframe sandbox: allow-scripts allow-same-origin allow-forms allow-popups allow-popups-to-escape-sandbox; the popup escape is required for Meta’s Embedded Signup window.
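The listener checks described above, written out as an added example (this is not the SDK's own code). The wire shape `event.data = { type, ...payload }`, the function name `makeConnectHandler`, the returned status strings and the 4000px height cap are assumptions made for illustration.

```javascript
// Added example, not SDK code. Assumed wire shape: event.data = { type, ...payload }.
const CONNECT_ORIGIN = "https://connect.pilotstatus.com.br";
const MAX_HEIGHT_PX = 4000; // assumed upper bound for resize requests

function makeConnectHandler(iframe, { onPaired, onError, onExpired } = {}) {
  return function handle(event) {
    // Both checks from the text: exact origin and the exact iframe window.
    if (event.origin !== CONNECT_ORIGIN) return "rejected:origin";
    if (event.source !== iframe.contentWindow) return "rejected:source";
    const data = event.data;
    if (data === null || typeof data !== "object") return "rejected:shape";
    switch (data.type) {
      case "connect:paired":
        // redirectUrl is iframe-supplied data: check it against your own
        // allow-list before navigating to it.
        onPaired?.({ numberId: data.numberId, redirectUrl: data.redirectUrl });
        return "paired";
      case "connect:error":
        onError?.(String(data.message));
        return "error";
      case "connect:expired":
        onExpired?.(); // 24h token/QR lifetime ended; request a new link
        return "expired";
      case "resize": {
        const h = Number(data.height);
        if (!Number.isFinite(h) || h <= 0) return "rejected:height";
        iframe.style.height = `${Math.min(Math.ceil(h), MAX_HEIGHT_PX)}px`;
        return "resize";
      }
      default:
        return "ignored"; // unknown types are dropped, never dispatched
    }
  };
}

// Browser wiring (iframeEl is your <iframe> element):
//   window.addEventListener("message", makeConnectHandler(iframeEl, { ... }));
```

The handler compares the full origin string including the scheme, because `event.origin` is reported as `https://connect.pilotstatus.com.br`, not as a bare hostname.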
White-label / branding
Precedence: URL query params > per-link brandingOverride (snapshotted on the number) > tenant branding (GET/PUT /v1/branding) > default.
Security model
- x-api-key stays on your backend; only it calls POST /v1/numbers/remote-pairing.
- The pairing token expires in 24h and only authorizes that link’s pairing endpoints.
- Origins are validated on both sides; the iframe runs on connect.* so its API calls are same-origin (no CORS surface for your app).