WordPress.org
Get WordPress
WordPress.org

Plugin Directory

İletiniz SMS

İletiniz SMS

By iletiniz
Download

Description

İletiniz SMS connects your WordPress site to iletiniz using the OAuth 2.0 Authorization Code flow (with PKCE) and turns your store into a complete SMS application. iletiniz is a hosted messaging service that sends SMS (and other channels, such as WhatsApp/Telegram, depending on your connected provider) through your own approved sender IDs and provider accounts.

Features:

  • Secure one-click connection via OAuth (no API key or password to type in), with workspace selection.
  • Dashboard: connection status, plan and remaining quota, connected SMS providers and approved sender IDs.
  • WooCommerce automation: when an order status changes (received, processing, shipped, cancelled, refunded, etc.) an automatic, templated SMS is sent to the customer.
  • Bulk sending: send a personalized bulk SMS to your WooCommerce customers in one go (filtered by order status and date).
  • Plan/quota gate: when your quota runs out or you have no active plan, the plugin links you directly to iletiniz to upgrade.
  • The API key is stored encrypted on your server (Libsodium/AES); least-privilege scope principle.
  • Disconnect (revoke) support.

Authorization scopes: messages:send, contacts:write, connections:read, account:read.

This plugin requires a (free or paid) account at iletiniz. Sending messages consumes the quota of your iletiniz plan.

External services

This plugin connects to the third-party iletiniz service, operated by İletiniz, to provide all of its messaging functionality. iletiniz is the SMS/messaging provider behind the plugin; without it the plugin cannot send messages or display account information. Two iletiniz endpoints are used:

1. iletiniz API – api.iletiniz.com

This is the service that actually sends your messages and returns your account/sender data. It is contacted in the following cases:

  • When a WooCommerce order changes status and the matching notification is enabled — to send the order SMS. Data sent: the customer’s phone number, the rendered message text, and (optionally) the selected sender ID and provider code.
  • When you run a bulk send from the “Bulk Sending” page — to send the messages. Data sent: the recipient phone numbers and the rendered message text for each recipient, plus the optional sender ID and provider code.
  • When the Dashboard, WooCommerce, or Bulk Sending pages load — to read your plan/quota (/v1/account) and your approved senders/connections (/v1/senders). No personal data is sent in these read requests.

Every request includes your iletiniz API key as a Bearer token so the service can authenticate your account.

2. iletiniz web app / authorization server – iletiniz.com

This is used only to connect and disconnect your site (OAuth 2.0 with PKCE). It is contacted in the following cases:

  • When you click “Connect to iletiniz”, you are redirected to iletiniz.com to log in and authorize the connection. After authorization, the plugin exchanges the returned authorization code for an API key at /connect/token. Data sent: the authorization code, the PKCE code verifier, the client id (wordpress), and the redirect URL.
  • When you disconnect, the plugin calls /connect/revoke to revoke the credentials on the iletiniz side. Data sent: the client id and the API key being revoked.

Use of these services is subject to the iletiniz Terms of Use and Privacy Policy:

  • Terms of Use: https://iletiniz.com/kullanim-sartlari
  • Privacy Policy: https://iletiniz.com/gizlilik-politikasi

Installation

  1. Copy the plugin folder into /wp-content/plugins/ (or upload the plugin ZIP from the WordPress admin).
  2. Activate the plugin from the WordPress admin Plugins screen.
  3. Open iletiniz › Settings from the left-hand menu (there is no key or secret to enter).
  4. Click Connect to iletiniz, sign in to your iletiniz account and select a workspace.
  5. Once connected, your plan, quota and providers appear under iletiniz › Dashboard.

FAQ

Do I need to enter an API key or password to connect?

No. The plugin uses OAuth 2.0 with PKCE (RFC 7636) — there is no client secret. You just click Connect to iletiniz, sign in to your iletiniz account and select a workspace.

Where is the API key stored?

In the wp_options table, encrypted with Libsodium or AES. The plaintext key is never written to the database.

Is WooCommerce required?

No. Without WooCommerce, the order automation and bulk sending menus are hidden; the connection and the developer API still work.

I can’t send messages / I get a quota warning.

Check your quota on the Dashboard. If you have no active plan or your quota is used up, you need to get a plan from iletiniz (use the link shown on the Dashboard).

What happens if I disconnect?

The local API key is deleted and the key is revoked on the iletiniz server.

Developer API

You can send an SMS from your own code:

// Single SMS (the channel is determined by the type of the selected iletiniz provider)
$result = Iletiniz_Client::send_sms( '+905001234567', 'Hello!', array(
    'sender'   => 'MYSTORE',   // optional approved sender ID
    'provider' => 'netgsm',    // optional connection code
) );
if ( is_wp_error( $result ) ) {
    // Handle the error
}

Reviews

There are no reviews for this plugin.

Contributors & Developers

“İletiniz SMS” is open source software. The following people have contributed to this plugin.

Contributors

Translate “İletiniz SMS” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

1.5.0

  • Internationalization: all admin UI strings now use English as the base (source) language, and a complete Turkish (tr_TR) translation is bundled. The plugin can now be properly translated into any language via translate.wordpress.org.
  • Added a /languages folder with the translation template (iletiniz-sms.pot) and the Turkish translation (iletiniz-sms-tr_TR.po / .mo), and declared Domain Path: /languages in the plugin header. Turkish stores keep seeing the interface in Turkish.

1.4.0

  • Compliance: documented the external iletiniz services (api.iletiniz.com and iletiniz.com) in the readme, including what data is sent and when, plus Terms of Use and Privacy Policy links.
  • The readme and plugin description are now provided in English (base language for translations).
  • Inline admin JavaScript (bulk message counter and WooCommerce sender/provider sync) is now registered and enqueued via wp_enqueue_script() / wp_localize_script() instead of being printed inline.
  • Removed the load_plugin_textdomain() call — translations are loaded automatically by WordPress.org for the plugin slug.

1.3.0

  • Security/UX: OAuth 2.0 with PKCE (RFC 7636, S256). Connecting no longer requires a client secret — the Client Secret field was removed from Settings and customers connect with a single click. (No shared secret is required on the server side either.)

1.2.0

  • New design: all admin pages (Dashboard, Settings, WooCommerce, Bulk Sending) were redesigned to match the iletiniz.com brand identity — logo, brand color (signal orange), modern cards, badges and buttons. The top menu icon is now the iletiniz logo.
  • Fix (scope): authorization now always requests the scopes required for the dashboard and sending (messages:send, contacts:write, connections:read, account:read). This fixes the “Authorization error … (scope)” seen on the dashboard for installs upgraded from 1.0.0 that had an older (narrow) scope setting saved. Reconnect once from Settings.
  • Compatibility: declared WooCommerce HPOS (High-Performance Order Storage) compatibility — the “incompatible plugin” warning in modern WooCommerce is gone, and order-status SMS notifications also work on HPOS stores.
  • WP 6.7+: translations are loaded on the init hook (“Translation loading triggered too early” warning avoided).
  • Test environment: the Docker image was moved to current WordPress + PHP 8.3; WooCommerce is now installed automatically in the test environment. The “headers already sent” issue that broke the OAuth redirect was fixed because debug output is no longer printed to the screen.

1.1.0

  • Dashboard: connection status, plan and quota, provider/sender list, plan gate.
  • WooCommerce: configurable, templated automatic SMS based on order status.
  • Bulk sending: filtered, personalized bulk SMS to WooCommerce customers.
  • New scopes: connections:read, account:read.

1.0.0

  • First release: OAuth 2.0 Authorization Code flow, encrypted API key storage, SMS sending.

Meta

Ratings

No reviews have been submitted yet.

Your review

See all reviews

Contributors

Support

Got something to say? Need help?

View support forum