Skip to main content
The Waply API uses API keys to authenticate requests. Every request you make must include your API key in the Authorization header as a Bearer token. Requests without a valid key are rejected with a 401 error.

Get your API key

API keys are generated from the Waply dashboard:
1

Open Settings

In the Waply dashboard, click Settings in the left sidebar.
2

Go to API Keys

Select API Keys from the Settings menu.
3

Create a new key

Click New API Key, give it a name (for example, “Production backend”), and click Create.
4

Copy your key

Copy the key immediately — it is only shown once. Store it in a secure secrets manager or environment variable.
Never commit your API key to source control or expose it in client-side code. Anyone with your key can make requests on your account’s behalf.

Authenticate a request

Pass your API key in the Authorization header using the Bearer scheme: 
Authorization: Bearer YOUR_API_KEY

curl --request GET \
  --url https://api.waply.io/v1/contacts \
  --header 'Authorization: Bearer YOUR_API_KEY'
Replace YOUR_API_KEY with the key you copied from the dashboard. We recommend storing it as an environment variable: 
const response = await fetch('https://api.waply.io/v1/contacts', {
  headers: {
    'Authorization': `Bearer ${process.env.WAPLY_API_KEY}`,
    'Content-Type': 'application/json',
  },
});

Authentication errors

401 — Invalid API key

A 401 response means the API key in your Authorization header is missing, malformed, or has been revoked. 
{
  "error": {
    "code": "unauthorized",
    "message": "Invalid API key. Check your Authorization header."
  }
}
Check that you are using the correct key and that it has not been deleted from the API Keys page.

403 — Plan does not include API access

A 403 response means your Waply account is on the Starter plan, which does not include API access. 
{
  "error": {
    "code": "forbidden",
    "message": "API access is not available on your current plan. Upgrade to Growth or Enterprise."
  }
}
Upgrade your plan from the Billing page in the Waply dashboard to resolve this.

Rotating API keys

You can generate multiple API keys for different environments or services. To rotate a key:
  1. Create a new API key from Settings > API Keys.
  2. Update your application to use the new key.
  3. Delete the old key from the dashboard once traffic has moved over.
Use separate API keys for development, staging, and production environments so you can revoke a single key without affecting other environments.