Phone Contact Rules
Per-phone-number allow/block rules for inbound calls and text messages. The phone number's filter_mode field decides how the rule list is interpreted:
filter_mode: "whitelist"— only callers matching anallowrule can reach the numberfilter_mode: "blacklist"— every caller can reach the number except those matching ablockrule
Set filter_mode on the phone number itself via PATCH /numbers/{phone_number_id} — see Phone numbers. Rules match on exact E.164 phone numbers only in v1 (match_type: "exact_number"); the field is wired in to stay forward-compatible when additional match types are added.
A rule with status: "paused" reserves the target slot without taking effect, so you can stage policy changes without losing the uniqueness claim.
Auth. List, get, and create accept admin API keys, claimed agent keys, and Clerk JWT; unclaimed (mid-signup) agent keys are rejected. PATCH, DELETE, and the org-wide list are admin + JWT only.
List contact rules GET
GET /numbers/{phone_number_id}/contact-rulesList contact rules for a phone number, newest first.
Path parameters
| Parameter | Type | Description |
|---|---|---|
phone_number_id | UUID | Phone number ID |
Query parameters
| Parameter | Type | Default | Description |
|---|---|---|---|
action | string | — | Filter by "allow" or "block" |
match_type | string | — | Filter by match type ("exact_number" is the only value in v1) |
limit | integer | 50 | 1–200 |
offset | integer | 0 | Offset for pagination |
Response (200)
JSONCode examples
cURLCreate contact rule POST
POST /numbers/{phone_number_id}/contact-rulesCreate an allow or block rule on a phone number.
Path parameters
| Parameter | Type | Description |
|---|---|---|
phone_number_id | UUID | Phone number ID |
Request body
| Field | Type | Required | Description |
|---|---|---|---|
action | string | Yes | "allow" or "block" |
match_type | string | No | "exact_number" (default, the only value in v1) |
match_target | string | Yes | E.164 phone number (e.g. +15551234567) |
New rules always start with status: "active" — to pause a rule use Update contact rule.
Request example
JSONResponse (201)
Returns the created rule.
Error responses
| Status | Description |
|---|---|
| 409 | A non-deleted rule with the same (match_type, match_target) already exists. Response body contains existing_rule_id. |
| 422 | match_target is not a valid E.164 phone number |
Code examples
cURLGet contact rule GET
GET /numbers/{phone_number_id}/contact-rules/{rule_id}Fetch a single contact rule by ID.
Path parameters
| Parameter | Type | Description |
|---|---|---|
phone_number_id | UUID | Phone number ID |
rule_id | UUID | Rule ID |
Code examples
cURLUpdate contact rule PATCH
PATCH /numbers/{phone_number_id}/contact-rules/{rule_id}Update a rule's action or status.
Auth: admin API key or Clerk JWT only.
match_type and match_target are immutable — delete the rule and create a new one to change the target.
Path parameters
| Parameter | Type | Description |
|---|---|---|
phone_number_id | UUID | Phone number ID |
rule_id | UUID | Rule ID |
Request body
At least one of:
| Field | Type | Description |
|---|---|---|
action | string | "allow" or "block" |
status | string | "active" or "paused" (only these two values are accepted on PATCH; use DELETE to remove a rule) |
Sending null for either field is a client error (422) — omit the field to leave it unchanged.
Code examples
cURLDelete contact rule DELETE
DELETE /numbers/{phone_number_id}/contact-rules/{rule_id}Delete a contact rule. Returns 204 No Content on success.
Auth: admin API key or Clerk JWT only.
Path parameters
| Parameter | Type | Description |
|---|---|---|
phone_number_id | UUID | Phone number ID |
rule_id | UUID | Rule ID |
Code examples
cURLList org phone contact rules GET
GET /phone/contact-rulesOrg-wide aggregate list of phone contact rules across every phone number the caller can see. Intended for admin dashboards that render rules org-wide without fanning out one per-number request per number.
Auth: admin API key or Clerk JWT only.
Results are ordered created_at descending, with id as a stable tiebreaker so pagination stays consistent when rules from different numbers share a microsecond.
Query parameters
| Parameter | Type | Default | Description |
|---|---|---|---|
phone_number_id | UUID | — | Narrow to a single phone number; omit to list across every number in the org |
action | string | — | Filter by "allow" or "block" |
match_type | string | — | Filter by match type ("exact_number" is the only value in v1) |
limit | integer | 50 | Max rules (1–200) |
offset | integer | 0 | Offset for pagination |
Response (200)
Returns an array of contact rule objects — same shape as the per-number list.
Code examples
cURLContact rule object
| Field | Type | Description |
|---|---|---|
id | UUID | Unique rule identifier |
phone_number_id | UUID | Owning phone number |
action | string | "allow" or "block" |
match_type | string | "exact_number" (v1) |
match_target | string | E.164 phone number |
status | string | "active", "paused", or "deleted" |
created_at | string | Creation timestamp (ISO 8601) |
updated_at | string | Last-updated timestamp (ISO 8601) |
Additional resources
- Filtering guide — narrative walk-through of whitelist/blacklist semantics across mail and phone
- Phone numbers — includes the
filter_modefield that interprets these rules - Mail contact rules — the mail-side equivalent