Skip to main content
The Chat API lets you send and receive end-to-end encrypted direct messages on X. Message bodies are encrypted on the client; X routes ciphertext and cannot read plaintext content. Messages are also signed so recipients can verify the sender.

What you need in your app

Follow Getting Started for a full implementation. For concepts only, see the Cryptography primer.

How encryption works (overview)

  1. Create identity and signing keypairs; store private keys securely (Juicebox or protected blob).
  2. Publish public keys so others can wrap conversation keys to you and verify signatures.
  3. Share a conversation key by posting encrypted copies for each participant.
  4. Encrypt and sign outbound messages; send only ciphertext to X.
  5. Receive ciphertext via webhooks, stream, or event history.
  6. Verify and decrypt with the Chat XDK.

Useful endpoints

Grouped under API reference in the sidebar, including:
  • Public keys — register and fetch
  • Conversations and messages — list/get threads, add/rotate keys, events, send, typing, read, group membership
  • Media — upload and download encrypted attachments (guide)

Auth notes

Use OAuth 2.0 user context with DM-related scopes (dm.read, dm.write, plus users.read / tweet.read as required; media.write for uploads). X Chat activity for a user requires that user’s authorization. Juicebox config for PIN storage is returned on your public-key record (juicebox_config field)—see Getting Started.

Next steps

  1. Cryptography primer — optional background on E2EE concepts
  2. Getting Started — implement keys, send, and receive
  3. Chat XDK — encryption SDK reference
  4. Real-time events, Media, or Troubleshooting when you need those topics