Quickstart — First Profile Lookup in 10 Minutes
Goal: make a single authenticated HTTP request to the WhatsApp Data API and read back the public profile of a phone number. No SDK install needed — works from any language with an HTTP client.
Step 1 — Get an API key
Two channels — pick one. Same JSON, same endpoints, different key source and base URL:
| Channel | Base URL | Key source | Required headers |
|---|---|---|---|
| Direct proxy | https://whatsapp-proxy.checkleaked.cc | Direct purchase. Key managed in our dashboard. | x-rapidapi-key: <direct-key> |
| RapidAPI marketplace | https://whatsapp-data1.p.rapidapi.com | RapidAPI dashboard → "Apps" → Security. Subscribe at the RapidAPI listing. | x-rapidapi-key: <rapidapi-key>x-rapidapi-host: whatsapp-data1.p.rapidapi.com |
A direct key will NOT work against the RapidAPI base URL, and vice versa. The header name x-rapidapi-key is reused on both for compat — the value source is what matters.
Step 2 — Make your first request
Direct proxy (recommended):
curl -H "x-rapidapi-key: YOUR_DIRECT_KEY" \ "https://whatsapp-proxy.checkleaked.cc/number/13105551234"
RapidAPI marketplace:
curl -H "x-rapidapi-key: YOUR_RAPIDAPI_KEY" \ -H "x-rapidapi-host: whatsapp-data1.p.rapidapi.com" \ "https://whatsapp-data1.p.rapidapi.com/number/13105551234"
Step 3 — Read the response
Response is a WhatsAppEntry document (live shape — extra fields trimmed):
{
"number": "13105551234",
"countryCode": "US",
"phone": "+1 310 555 1234",
"type": "FIXED_LINE_OR_MOBILE",
"about": null,
"isWAContact": true,
"isUser": true,
"isBusiness": true,
"isGroup": false,
"isBlocked": false,
"isMyContact": false,
"isEnterprise": false,
"isVerified": false,
"id": {
"server": "c.us",
"user": "13105551234",
"_serialized": "[email protected]"
},
"businessProfile": {
"categories": [{ "id": "...", "localized_display_name": "Otra categoría" }],
"memberSinceText": "Se unió en abril, 2024.",
"isProfileLocked": true
},
"profilePic": { "success": false, "image_status": "item-not-found" },
"date": "2026-04-10T17:30:33.356Z",
"cached": true
}Notes from live testing:
- profilePic is an OBJECT, not a URL. When a picture exists, fetch the binary via /picture/{number}; when missing, you get { success: false, image_status: "item-not-found" }.
- about is null when restricted.
- isWAContact is the canonical "is this number on WhatsApp" flag.
- Lookup misses still return a WhatsAppEntry — check error / exists fields, not just HTTP status.
Step 4 — Handle errors
Burst-limit and auth errors return a short body:
{ "error": "Requests must be at least 0.5 seconds apart" }Default pacing: at least 500 ms between requests (2 req/sec). MEGA tier: 250 ms (4 req/sec). Full error reference.
Optional query flags on /number/{number}
| Flag | Effect |
|---|---|
telegram=1 | Include Telegram registration data. |
lookup=1 | Include TrueCaller lookup. |
google=1 | Include Google search snippets. |
includeCarrier=1 | Include carrier/region data. |
ignoreProfilePic=1 | Skip profile-picture fetch (faster). |
forceBypassCache=1 | Force fresh lookup (counts as a request). |
fullAiReport=1 | Generate AI OSINT report (longer response time). |
Next steps
What Our Users Say
Real reviews from our satisfied customers