The Wappalyzer APIs provide programmatic access to technographic data on websites, either in real-time or prefetched.

  • The APIs conform to REST principles
  • The JSON data format is used for responses and POST requests
  • All resources require authentication
  • Requests are rate-limited and metered
  • Endpoints are HTTPS only


API calls deduct credits from your balance. Credits are included in plans and can also be purchased directly . To determine the number of credits spent per request, refer to the pricing page.


Wappalyzer uses API keys to provide authorized access to its APIs. Sign up to create an API key.

Request header Value
x-api-key Your API key

Callback signatures

Requests to your callback endpoint can optionally be signed to allow you to verify the request was made by Wappalyzer. To enable signing, create a signing secret.

To verify a request, create a SHA256 hash of the signing secret appended with the raw JSON request body. The request is valid if the hash matches the hash in the wappalyzer-signature header in the request.

sha256(secret + body) == signature
Request header Value
wappalyzer-signature SHA256 hash

Response codes

The APIs return HTTP status codes in addition to JSON-based responses.

HTTP code Description
200 The request was completed successfully
400 There was an error with the request
403 Authorisation failure (incorrect API key, invalid method or resource or insufficient credits)
429 Rate limit exceeded

Credit balance

Every response includes a header with the credit spend and remaining balance.

Header Description
wappalyzer-credits-spent The number of credits deducted
wappalyzer-credits-remaining Your credit balance

Alternatively, you can get your remaining credit balance by calling a separate endpoint:




Example request
curl -H "x-api-key: <your api key>" ""
Example response
{ "credits": 100000 }

Subscribe to receive occasional product updates.