This guide provides a step-by-step walkthrough for building a Node.js application using the Express framework to send SMS messages via the Vonage Messages API and receive real-time delivery status updates via webhooks.

Project Goal: Create a reliable system to send SMS messages programmatically and track their delivery status, ensuring you know whether a message reached the recipient's handset.

Core Problems Solved:

• Programmatic sending of SMS messages.
• Confirmation of message delivery beyond the initial API submission success.
• Setting up a webhook endpoint to receive asynchronous status updates from the carrier network.

Technologies Used:

• Node.js: A JavaScript runtime environment for building server-side applications.
• Express: A minimal and flexible Node.js web application framework used here to create a webhook endpoint.
• Vonage Messages API: A multi-channel API enabling communication via SMS, MMS, WhatsApp, and more. We'll use it for sending SMS and configuring status webhooks.
• Vonage Node.js SDK: Simplifies interaction with the Vonage APIs within a Node.js environment.
• ngrok: A tool to expose local development servers to the public internet, essential for testing webhooks locally.
• dotenv: A module to load environment variables from a .env file into process.env.

System Architecture:

1. Your application sends an SMS request to the Vonage Messages API using your credentials (Application ID and Private Key).
2. Vonage relays the message to the appropriate carrier network.
3. The carrier network attempts delivery to the recipient's phone.
4. The carrier network sends a Delivery Receipt (DLR) back to Vonage indicating the delivery status (e.g., delivered, failed). Vonage then triggers a webhook event based on this DLR.
5. Vonage sends an HTTP POST request containing the delivery status payload to your application's pre-configured webhook endpoint (Status URL).

Final Outcome: A Node.js application capable of sending an SMS message and logging its delivery status received via a webhook.

Prerequisites:

• Node.js and npm (or yarn): Installed on your development machine. (Download Node.js)
• Vonage API Account: Required to get API credentials and a virtual number. (Sign up for free)
• Vonage Virtual Phone Number: Purchase one from the Vonage Dashboard that is SMS-enabled in your target country.
• Vonage CLI (Optional but Recommended): Simplifies application management. Install via npm install -g @vonage/cli. You may need your API Key/Secret for initial CLI setup.
• ngrok: Installed and authenticated (a free account is sufficient). (Download ngrok)
• Text Editor or IDE: Like VS Code.
• A Personal Phone Number: To receive the test SMS messages.

1. Vonage Account and API Setup

Before writing code, configure your Vonage account and application settings.

1. Sign Up/Log In: Access your Vonage API Dashboard.
2. Get API Key and Secret: Note down your API Key and API Secret found at the top of the Dashboard homepage. While the Messages API SDK primarily uses Application ID and Private Key for authentication (see step 5), the Key/Secret pair might be needed for other interactions, such as setting up the Vonage CLI or using older Vonage APIs. Clarify which credentials are required for the specific task you are performing.
3. Set Default SMS API (CRITICAL):
   • Navigate to Account Settings in the left-hand menu.
   • Scroll down to the API settings section.
   • Under Default SMS Setting, ensure Messages API is selected. This determines the format of webhooks and the expected API interactions.
   • Click Save changes.
   • Why? Vonage has two SMS APIs (legacy SMS API and Messages API). They use different webhook formats and authentication methods. This guide uses the Messages API. Selecting it here ensures consistency.
4. Buy a Virtual Number:
   • Navigate to Numbers > Buy numbers.
   • Search for numbers by country and ensure the SMS capability is selected.
   • Purchase a number. Note this number down; it will be your VONAGE_NUMBER.
5. Create a Vonage Application: The Messages API requires requests to be associated with a Vonage Application for authentication using a private key.
   • Navigate to Applications > Create a new application.
   • Enter a descriptive name (e.g., Node SMS Status App).
   • Click Generate public and private key. This will automatically download the private key file (e.g., private.key). Save this file securely. For this guide, we suggest placing it in your project directory and adding it to .gitignore.
     • Security Note: Storing private keys directly in the project directory is convenient for development guides but is not recommended for production. More secure practices include storing the key file outside the project root, using environment variables to pass the key content directly, or utilizing dedicated secrets management systems (like AWS Secrets Manager, HashiCorp Vault, etc.).
   • Enable the Messages capability.
   • You will see fields for Inbound URL and Status URL. For now, you can enter temporary placeholders like http://localhost:3000/webhooks/inbound and http://localhost:3000/webhooks/status. We will update the Status URL later with our ngrok URL.
     • Inbound URL: Where Vonage sends incoming message webhooks (if someone replies to your Vonage number).
     • Status URL: Where Vonage sends delivery status webhooks for messages you send. This is the one we need for this guide.
   • Scroll down and Link the virtual number you purchased earlier to this application.
   • Click Create application.
   • Note down the Application ID generated for this application.

2. Project Setup

Initialize the Node.js project and install necessary dependencies.

1. Create Project Directory:

   bash

   mkdir vonage-sms-status-guide
   cd vonage-sms-status-guide
   

2. Initialize Node.js Project:

   bash

   npm init -y
   # or: yarn init -y
   

3. Install Dependencies:

   bash

   npm install @vonage/server-sdk express dotenv
   # or: yarn add @vonage/server-sdk express dotenv
   
   • @vonage/server-sdk: The official Vonage Node.js library.
   • express: Web framework to create the webhook endpoint.
   • dotenv: To manage environment variables securely.

4. Create Project Structure:

   vonage-sms-status-guide/
   ├── node_modules/
   ├── .env            # Environment variables (DO NOT COMMIT)
   ├── .gitignore      # Files/folders to ignore in Git
   ├── index.js        # Main application logic
   ├── package.json
   ├── private.key     # Your downloaded Vonage private key (DO NOT COMMIT)
   └── (yarn.lock or package-lock.json)
   

5. Configure Environment Variables (.env): Create a file named .env in the project root and add the following, replacing the placeholder values with your actual credentials and details:

   bash

   # .env
   
   # Vonage Credentials (Obtained from Vonage Dashboard & Application setup)
   VONAGE_APPLICATION_ID=YOUR_APPLICATION_ID
   VONAGE_PRIVATE_KEY_PATH=./private.key # Relative path to your private key file
   
   # Vonage Number (The virtual number you purchased and linked)
   VONAGE_NUMBER=YOUR_VONAGE_VIRTUAL_NUMBER # e.g., 14155550100
   
   # Test Recipient Number (Your personal phone number for testing)
   TO_NUMBER=YOUR_PERSONAL_PHONE_NUMBER # e.g., 14155550199
   
   # Server Configuration
   PORT=3000 # Port for the local Express server
   BASE_URL= # Will be populated by ngrok later
   
   • VONAGE_APPLICATION_ID: The ID of the Vonage application you created.
   • VONAGE_PRIVATE_KEY_PATH: The file path relative to your project root where you saved the private.key file. (Adjust if using a different storage method).
   • VONAGE_NUMBER: The E.164 formatted Vonage virtual number linked to your application.
   • TO_NUMBER: The E.164 formatted phone number you want to send the test SMS to.
   • PORT: The port your local Express server will run on.
   • BASE_URL: This will hold the public URL generated by ngrok. We'll use it to tell Vonage where to send webhooks.

6. Configure Git Ignore (.gitignore): Create a .gitignore file to prevent committing sensitive information and unnecessary files:

   # .gitignore
   
   # Dependencies
   node_modules/
   
   # Environment variables
   .env
   
   # Vonage Private Key
   private.key
   *.key
   
   # Logs
   npm-debug.log*
   yarn-debug.log*
   yarn-error.log*
   

3. Implementing Core Functionality: Sending SMS & Handling Status Webhooks

Now, let's write the Node.js code.

index.js:

// index.js
require('dotenv').config(); // Load environment variables from .env file
const express = require('express');
const { Vonage } = require('@vonage/server-sdk');
const { SMS } = require('@vonage/messages'); // Import the SMS class
const fs = require('fs'); // Required to read the private key file

// --- Vonage SDK Initialization ---
// Read the private key from the file path specified in the environment variables
let privateKey;
try {
    privateKey = fs.readFileSync(process.env.VONAGE_PRIVATE_KEY_PATH);
} catch (err) {
    console.error('Error reading private key file:', err.message);
    process.exit(1); // Exit if the key cannot be read
}

const vonage = new Vonage({
  applicationId: process.env.VONAGE_APPLICATION_ID,
  privateKey: privateKey // Pass the key content, not the path
});

// --- SMS Sending Function ---

/**
 * Sends an SMS message using the Vonage Messages API.
 * @param {string} text - The text content of the message.
 * @param {string} recipient - The recipient phone number in E.164 format.
 * @returns {Promise<object&gt;} - The response object from the Vonage API.
 */
async function sendSms(text, recipient) {
  console.log(`Attempting to send SMS to ${recipient}...`);
  try {
    const resp = await vonage.messages.send(
      new SMS({
        to: recipient,
        from: process.env.VONAGE_NUMBER,
        text: text,
        clientRef: `my-app-${Date.now()}` // Optional client reference
      })
    );
    console.log('Message submitted successfully!');
    console.log('Message UUID:', resp.messageUuid);
    return resp; // Contains message_uuid
  } catch (err) {
    console.error('Error sending SMS:', err.response ? err.response.data : err.message);
    // More detailed error logging
    if (err.response && err.response.data) {
      console.error('Vonage API Error Details:', JSON.stringify(err.response.data, null, 2));
    }
    throw err; // Re-throw the error for upstream handling if needed
  }
}

// --- Express Webhook Server Setup ---

const app = express();
// Use middleware to parse JSON and URL-encoded request bodies
// Vonage webhooks typically come as JSON
app.use(express.json());
app.use(express.urlencoded({ extended: true }));

const PORT = process.env.PORT || 3000; // Use port from .env or default to 3000

// Define the webhook endpoint for delivery receipts (Status URL)
// Vonage sends POST requests to this endpoint
app.post('/webhooks/status', (req, res) =&gt; {
  console.log('--- Delivery Status Webhook Received ---');
  console.log('Timestamp:', new Date().toISOString());
  console.log('Request Body:', JSON.stringify(req.body, null, 2)); // Log the entire payload

  const params = req.body;

  // Log key information from the DLR
  console.log(`Status: ${params.status}`);
  console.log(`Message UUID: ${params.message_uuid}`);
  console.log(`To: ${params.to}`);
  console.log(`From: ${params.from}`);
  console.log(`Timestamp: ${params.timestamp}`); // When the status event occurred

  if (params.error) {
      console.error(`Error Code: ${params.error.code}`);
      console.error(`Error Reason: ${params.error.reason}`);
  }

  // TODO: Implement Webhook Signature Verification here for production security!

  // IMPORTANT: Respond to Vonage quickly with a 2xx status code
  // Otherwise, Vonage will retry sending the webhook.
  // 204 No Content is suitable as we don't need to send a body back.
  res.status(204).send();
});

// Optional: A simple root route for testing the server is running
app.get('/', (req, res) =&gt; {
  res.send('SMS Status Webhook Server is running!');
});

// --- Main Execution Logic ---

// Function to start the server and send a test SMS
async function start() {
  app.listen(PORT, () =&gt; {
    console.log(`Webhook server listening on http://localhost:${PORT}`);
    // Check if BASE_URL is set (it won't be until ngrok runs and .env is updated)
    if (!process.env.BASE_URL) {
        console.warn('********************************************************************');
        console.warn('WARNING: BASE_URL environment variable is not set.');
        console.warn('Run ngrok, update .env with the ngrok URL, and restart the app.');
        console.warn('Webhook endpoint will be http://localhost:3000/webhooks/status locally.');
        console.warn('Vonage needs the public ngrok URL to send status updates.');
        console.warn('********************************************************************');
    } else {
        console.log(`Vonage Status Webhook URL should be configured to: ${process.env.BASE_URL}/webhooks/status`);
    }

    // Example: Send a test SMS shortly after starting (commented out by default)
    // In a real app, you'd trigger this based on user action or other events.
    /*
    setTimeout(async () =&gt; {
      try {
        await sendSms(`Hello from Vonage! Test @ ${new Date().toLocaleTimeString()}`, process.env.TO_NUMBER);
      } catch (error) {
        console.error('Failed to send initial test SMS.');
      }
    }, 5000); // Wait 5 seconds before sending
    */
  });
}

// Check if the script is run directly (not required by another module)
if (require.main === module) {
    // Check if essential environment variables are set
    if (!process.env.VONAGE_APPLICATION_ID || !process.env.VONAGE_PRIVATE_KEY_PATH || !process.env.VONAGE_NUMBER || !process.env.TO_NUMBER) {
        console.error("Error: Required environment variables (VONAGE_APPLICATION_ID, VONAGE_PRIVATE_KEY_PATH, VONAGE_NUMBER, TO_NUMBER) are missing.");
        console.error("Please check your .env file.");
        process.exit(1); // Exit if configuration is missing
    }
    start();
}

// Export functions if you plan to require this module elsewhere (optional)
module.exports = { sendSms, app };

Code Explanation:

1. Environment Variables: require('dotenv').config() loads variables from your .env file.
2. Vonage SDK Initialization:
   • fs.readFileSync reads the private key file content. Error handling is added here.
   • new Vonage(...) creates the Vonage client instance.
   • Authentication for the Messages API uses applicationId and the content of the privateKey.
   • Why this auth? The Messages API uses JWTs generated from your private key for more secure, per-application authentication compared to just API key/secret.
3. sendSms Function:
   • Takes text and recipient number as arguments.
   • Uses vonage.messages.send() with an SMS object containing to, from, and text.
   • The from number must be the Vonage virtual number linked to your Application ID.
   • clientRef is an optional field you can use to correlate messages with your internal system identifiers.
   • It returns the response from Vonage, which includes the messageUuid. This UUID is crucial for tracking the message status.
   • Includes async/await with try/catch for handling the API call result. Enhanced error logging provides more details if the API call fails.
4. Express Server Setup:
   • An Express application (app) is created.
   • express.json() and express.urlencoded() middleware are essential for parsing incoming webhook request bodies (Vonage sends JSON payloads).
5. Webhook Endpoint (/webhooks/status):
   • app.post('/webhooks/status', ...) defines the route that will listen for delivery status updates from Vonage.
   • It logs the entire req.body (the webhook payload) for inspection. This is very helpful during development.
   • It extracts and logs key fields like status (e.g., submitted, delivered, rejected, failed), message_uuid, to, from, timestamp, and any error details.
   • Crucially, it sends back a 204 No Content status code using res.status(204).send(). This acknowledges receipt to Vonage. If you don't send a 2xx response quickly, Vonage will assume the webhook failed and will retry, potentially leading to duplicate processing on your end.
   • A TODO comment reminds you where to add signature verification.
6. Server Start & Initial Check:
   • app.listen() starts the server on the specified PORT.
   • It includes a check for the BASE_URL environment variable to remind the developer to configure ngrok and update the .env file.
   • The commented-out setTimeout shows how you might trigger the sendSms function for testing.
7. Main Execution Block:
   • if (require.main === module) ensures the start() function only runs when the script is executed directly.
   • Includes checks for essential environment variables before starting.

4. Running and Testing with ngrok

To receive webhooks from Vonage on your local machine, you need to expose your local server to the internet using ngrok.

1. Start ngrok: Open a new terminal window/tab (keep the one for your Node app separate) and run:

   bash

   # Replace 3000 if you used a different PORT in your .env file
   ngrok http 3000
   

2. Get ngrok URL: ngrok will display output similar to this:

   Session Status                online
   Account                       Your Name (Plan: Free)
   Version                       x.x.x
   Region                        United States (us)
   Web Interface                 http://127.0.0.1:4040
   Forwarding                    http://xxxxxxxxxxxx.ngrok.io -> http://localhost:3000
   Forwarding                    https://xxxxxxxxxxxx.ngrok.io -> http://localhost:3000 # <-- Use this HTTPS URL
   
   Connections                   ttl     opn     rt1     rt5     p50     p90
                                 0       0       0.00    0.00    0.00    0.00
   

   Copy the https Forwarding URL (e.g._ https://xxxxxxxxxxxx.ngrok.io). This is your public base URL.

3. Update .env File: Open your .env file and set the BASE_URL:

   bash

   # .env
   # ... other variables ...
   BASE_URL=https://xxxxxxxxxxxx.ngrok.io # Paste your ngrok https URL here
   

   Save the .env file.

4. Update Vonage Application Status URL:

   • Go back to your Vonage API Dashboard.
   • Navigate to Applications and select the application you created (Node SMS Status App).
   • Find the Messages capability section.
   • Update the Status URL field by pasting your full ngrok webhook URL: YOUR_NGROK_HTTPS_URL/webhooks/status (e.g._ https://xxxxxxxxxxxx.ngrok.io/webhooks/status).
   • Click Save changes.
   • Why update now? Vonage needs the correct_ publicly accessible URL before you send the message to know where to deliver the status update.

5. Start Your Node.js Application: In the terminal where your project code resides_ run:

   bash

   node index.js
   

   You should see the server start message and the configured webhook URL. If you see an error reading the private key_ ensure the path in .env is correct and the file exists.

6. Trigger the SMS Send: To send an SMS immediately on startup for testing_ modify the start() function in index.js like this:

   javascript

   // Modified start function in index.js for immediate testing:
   async function start() {
     app.listen(PORT_ async () => { // Make the callback async
       console.log(`Webhook server listening on http://localhost:${PORT}`);
       if (process.env.BASE_URL) {
           console.log(`Vonage Status Webhook URL should be configured to: ${process.env.BASE_URL}/webhooks/status`);
           // Send SMS immediately after server starts and BASE_URL is confirmed
           try {
               console.log(""Sending test SMS..."");
               await sendSms(`Hello from Vonage! Test @ ${new Date().toLocaleTimeString()}`, process.env.TO_NUMBER);
           } catch (error) {
               console.error('Failed to send initial test SMS.');
           }
       } else {
            console.warn('********************************************************************');
            console.warn('WARNING: BASE_URL environment variable is not set or app restarted before setting.');
            console.warn('Ensure ngrok is running, .env is updated with BASE_URL, and restart the app.');
            console.warn('********************************************************************');
       }
     });
   }
   

   Stop (Ctrl+C) and restart your Node app (node index.js) after saving this change. Remember to revert this change or use a different trigger mechanism for non-testing scenarios.

7. Observe Output:

   • Node App Terminal:
     • You'll see the ""Attempting to send SMS..."" message.
     • Then ""Message submitted successfully!"" with the messageUuid.
     • A short while later (seconds to maybe a minute, depending on network), you should see the ""--- Delivery Status Webhook Received ---"" message, followed by the JSON payload containing the status (delivered, failed, etc.).
   • Your Phone: You should receive the SMS message.
   • ngrok Terminal: You'll see HTTP requests logged (e.g., POST /webhooks/status 204 No Content).
   • ngrok Web Interface (http://127.0.0.1:4040): You can inspect the incoming requests and responses in detail here, which is excellent for debugging.

5. Error Handling and Logging

• API Call Errors: The sendSms function includes a try...catch block. It logs specific Vonage API errors if available (err.response.data) or the general error message. In production, you'd integrate this with a more robust logging framework (like Winston or Pino) and potentially an error tracking service (like Sentry).
• Webhook Errors: The webhook handler currently just logs the body. In production:
  • Validate the incoming payload structure.
  • Implement signature verification (see Security Considerations). This is critical.
  • Handle potential errors during processing (e.g., database write failures if you store the status) gracefully, but still return a 2xx to Vonage quickly. Log the error for later investigation.
• Retry Mechanisms: Vonage automatically retries sending webhooks if it doesn't receive a 2xx response. Your primary responsibility is to ensure your endpoint is reliable and responds quickly. For the outgoing SMS, if the initial sendSms API call fails due to transient network issues, you could implement a retry mechanism (e.g., using libraries like async-retry) with exponential backoff before considering the send failed.

6. Security Considerations

• API Credentials & Private Key: Never commit your .env file or private.key to version control. Use environment variables or a secrets management system in production. Consider loading the private key content directly from an environment variable instead of a file path for added security in some deployment scenarios.
• Webhook Security (Signature Verification - CRITICAL): Vonage can sign webhook requests, allowing you to verify they genuinely came from Vonage. This prevents attackers from sending fake status updates to your endpoint.
  • How it works: You configure a signature secret in your Vonage account settings (under Account Settings > API settings). Vonage includes a JWT in the Authorization header of webhook requests, signed using this secret.
  • Implementation: Use the verifySignature method from the @vonage/server-sdk within your /webhooks/status handler before processing the request body. This step is essential for any production application. This guide does not include the implementation code for signature verification, but you can find details and examples in the Vonage documentation on Signed Webhooks.
• Input Validation: While this example doesn't take user input for the webhook, always validate any data received from external sources. For the sendSms function, ensure recipient numbers are in the expected format (E.164).
• Rate Limiting: Protect your webhook endpoint from abuse by implementing rate limiting (e.g., using express-rate-limit).

7. Troubleshooting and Caveats

• 401 Unauthorized Error on Sending: Double-check VONAGE_APPLICATION_ID. Ensure VONAGE_PRIVATE_KEY_PATH in .env points to a valid private.key file and that the Node.js process has read permissions for it. Verify the key content itself is correct.
• SMS Not Sending (API Success, No Message Received):
  • Verify TO_NUMBER is correct and includes the country code (E.164 format).
  • Ensure the VONAGE_NUMBER is linked to the VONAGE_APPLICATION_ID in the dashboard.
  • Check if the destination country/carrier has any restrictions or requires pre-registration for Alphanumeric Sender IDs (if you were using one instead of the VONAGE_NUMBER). Using the number itself is generally more reliable.
  • Check the Vonage status page for potential outages.
• Webhook Not Received:
  • Verify ngrok is running and the https:// URL is correct.
  • Confirm the Status URL in the Vonage Application settings exactly matches YOUR_NGROK_HTTPS_URL/webhooks/status. A typo here is common.
  • Check the ngrok web interface (http://127.0.0.1:4040) to see if requests are arriving but maybe failing (non-2xx response).
  • Ensure your Node.js server is running and hasn't crashed (check logs).
  • Check firewalls (though ngrok usually bypasses local firewalls).
• Incorrect Default API Setting: If you get webhooks in a different format than expected (e.g., URL-encoded instead of JSON), re-verify that Messages API is set as the Default SMS Setting in your Vonage Account Settings.
• private.key Permissions / Read Error: Ensure the Node.js process has read permissions for the private.key file and the path in .env is correct relative to where you run node index.js.
• ngrok Session Expiry: Free ngrok sessions expire after a few hours. You'll need to restart ngrok and update the BASE_URL in .env and the Status URL in the Vonage dashboard. Paid ngrok plans offer stable subdomains.
• Delivery Receipt Support: Not all carriers/countries reliably provide final handset delivery receipts (delivered status). The status might remain submitted or accepted (meaning accepted by the carrier) even if delivered. Test thoroughly in your target regions. delivered is the confirmation you're looking for when available.

8. Deployment Considerations (Beyond Localhost)

• Persistent URL: Replace ngrok with a permanent public URL for your server (e.g., using a cloud provider like AWS EC2/Lambda, Google Cloud Run, Heroku, DigitalOcean App Platform). Update the Vonage Application's Status URL accordingly.
• Environment Variables: Use your deployment platform's system for managing environment variables securely (do not deploy .env files). Pass the private key content via an environment variable if possible, rather than deploying the key file.
• Process Manager: Use a process manager like PM2 (npm install -g pm2) to keep your Node.js application running reliably, manage logs, and handle restarts. (pm2 start index.js --name vonage-sms-status)
• HTTPS: Ensure your production webhook endpoint uses HTTPS (most platforms handle this automatically or require configuration).
• Logging and Monitoring: Integrate robust logging (e.g., Winston sending logs to a centralized service) and application performance monitoring (APM) tools.
• Database: Store relevant message details (messageUuid, status, timestamp, clientRef) in a database for tracking, analytics, and auditing. Update the status in your database when the webhook arrives.
• CI/CD: Set up a Continuous Integration/Continuous Deployment pipeline to automate testing and deployment.

9. Verification and Testing

• Send Test SMS: Trigger the sendSms function (e.g., using the modified start function or another method).
• Verify Receipt: Confirm the message arrives on the TO_NUMBER phone.
• Check Logs: Observe the Node.js application logs for:
  • Successful submission (Message submitted successfully! Message UUID: ...).
  • Incoming webhook (--- Delivery Status Webhook Received ---).
  • Correct status in the webhook payload (status: delivered).
• Check ngrok Interface: Use http://127.0.0.1:4040 to inspect the exact request payload received from Vonage and the 204 No Content response sent back by your app.
• Test Failure Cases:
  • Temporarily use an invalid TO_NUMBER (if possible, check Vonage documentation for test numbers that simulate failures). Observe if a failed or rejected status webhook is received.
  • Turn off the recipient phone and send a message. See if the status remains submitted or eventually becomes expired. Turn the phone back on; it might update to delivered later (depending on carrier retry logic and message validity period).
  • Simulate endpoint failure: Stop your Node app before Vonage sends the webhook. Use the ngrok interface to see Vonage attempting retries (it should eventually stop, typically after several attempts over a period of time).

Conclusion

You have successfully built a Node.js application using Express that can send SMS messages via the Vonage Messages API and receive delivery status updates through webhooks. This provides crucial visibility into whether your messages are reaching their destination.

Remember that for production environments, implementing webhook signature verification is critical for security. Additionally, robust error handling, logging, and secure credential management are essential.

Next Steps:

• Integrate webhook signature verification using the Vonage Node SDK and your signature secret.
• Store message status updates in a database for persistent tracking.
• Implement more sophisticated logging and error tracking suitable for production.
• Deploy the application to a chosen hosting platform.
• Explore handling incoming SMS messages (replies) by configuring the Inbound URL and adding a corresponding route handler.