Create a poll
Create a poll in a topic. The bot must be a member of the topic.
Polls are sent as messages. Each option text is stored server-side with a server-generated 6-character ID — use those IDs when submitting votes.
Anonymous polls (anonymous: true) do not support voting via the API.
Authorizations
Use your API key as the Bearer token. You can view your API key and secret in your Zenzap organization API key settings.
HMAC-SHA256 signature for request verification.
Headers
HMAC signature of the request for authentication and replay protection.
Replay Protection: The signature includes a timestamp to prevent replay attacks. Requests with timestamps older than 5 minutes are rejected.
The signature payload differs by HTTP method:
- POST/PUT/PATCH/DELETE: HMAC-SHA256 of
{timestamp}.{body} - GET: HMAC-SHA256 of
{timestamp}.{uri}
The signature is calculated as:
- Get the current Unix timestamp in milliseconds
- Determine the payload:
- For POST/PUT/PATCH/DELETE: Use
{timestamp}.{body}where body is the request body - For GET: Use
{timestamp}.{uri}where uri is the full request URI (e.g.,/v2/members?limit=10)
- For POST/PUT/PATCH/DELETE: Use
- Calculate HMAC-SHA256 of the combined payload using your API secret
- Hex-encode the output
- Include the timestamp in the
X-Timestampheader
Example for GET request to /v2/members?limit=10:
timestamp = 1699564800000
payload = "1699564800000./v2/members?limit=10"
signature = HMAC-SHA256(secret, payload)
X-Signature: hex(signature)
X-Timestamp: 1699564800000
Example for POST request with body {"topicId":"123","text":"Hello"}:
timestamp = 1699564800000
payload = '1699564800000.{"topicId":"123","text":"Hello"}'
signature = HMAC-SHA256(secret, payload)
X-Signature: hex(signature)
X-Timestamp: 1699564800000
For multipart/form-data requests, sign the exact raw request body bytes
(including boundaries and file bytes) as transmitted.
^[a-f0-9]{64}$"a3d5f8e7c2b1d4f6a8e9c7b5d3f1a2e4b6c8d0f2e4a6b8c0d2e4f6a8b0c2d4e6"
Unix timestamp in milliseconds when the request was created. Used for replay protection - requests older than 5 minutes are rejected.
1699564800000
Body
ID of the topic to post the poll in. The bot must be a member.
"550e8400-e29b-41d4-a716-446655440000"
The poll question / title.
500"Which release should we prioritize?"
Poll answer options. Each item is the display text; IDs are generated server-side.
2 - 10 elements1000[
"Bug fixes",
"New features",
"Performance improvements"
]
Whether voters may select one or multiple options:
single: one choice allowedmultiple: any number of choices allowed
single, multiple "single"
If true, voter identities are hidden. Anonymous polls do not support voting via the API.
false
Response
Poll created successfully. The id field is the poll ID — use it as {pollId} when calling POST /v2/polls/{pollId}/votes.
The poll ID. Use this as the pollId path parameter when voting.
"770e8400-e29b-41d4-a716-446655440099"
ID of the topic the poll was posted in.
"550e8400-e29b-41d4-a716-446655440000"
The poll question.
"Which release should we prioritize?"
Poll options with their server-generated IDs.
single, multiple "single"
Current poll status.
active, closed "active"
Whether the poll is anonymous.
false
Creation timestamp in milliseconds.
1699564800000