API Reference

Base URL: https://api.whoscall.ing.xyz

Authentication

All requests use session cookies set by the OAuth flow. For token and pro tier API calls, pass your API key in the Authorization header.

Authorization: Bearer wc_live_your_api_key_here

Phone Lookup

GET/lookup/{e164}

Returns phone number intelligence. The {e164} parameter must be a valid E.164 formatted number (e.g. +12025550123).

curl https://api.whoscall.ing.xyz/lookup/+12025550123 \
  -H "Authorization: Bearer wc_live_your_key"

Response fields by tier

Field	Anon	OAuth	Token	Pro
e164	✓	✓	✓	✓
line_type	✓	✓	✓	✓
spam_score	✓	✓	✓	✓
spam_report_count	✓	✓	✓	✓
cnam	—	✓	✓	✓
carrier	—	✓	✓	✓
shaken_attestation	—	—	✓	✓
cache_age_seconds	—	—	✓	✓
llm_summary	—	—	—	✓
live_dip_performed	—	—	—	✓

Example response (Token tier)

{
  "e164": "+12025550123",
  "line_type": "mobile",
  "spam_score": 0.12,
  "spam_report_count": 2,
  "cnam": "JOHN SMITH",
  "carrier": "T-Mobile USA",
  "shaken_attestation": "A",
  "cache_age_seconds": 3720
}

Error Codes

Status	Meaning
401	Not authenticated — include your API key
402	Insufficient tokens — purchase more
404	Number not found in our database
422	Invalid E.164 format
429	Rate limit exceeded

Code Examples

Python

import httpx

API_KEY = "wc_live_your_key"
BASE_URL = "https://api.whoscall.ing.xyz"

def lookup(phone: str) -> dict:
    r = httpx.get(
        f"{BASE_URL}/lookup/{phone}",
        headers={"Authorization": f"Bearer {API_KEY}"},
    )
    r.raise_for_status()
    return r.json()

result = lookup("+12025550123")
print(result["cnam"], result["spam_score"])

JavaScript / TypeScript

const API_KEY = "wc_live_your_key";

async function lookup(e164: string) {
  const res = await fetch(
    `https://api.whoscall.ing.xyz/lookup/${encodeURIComponent(e164)}`,
    { headers: { Authorization: `Bearer ${API_KEY}` } }
  );
  if (!res.ok) throw new Error(`HTTP ${res.status}`);
  return res.json();
}

const data = await lookup("+12025550123");
console.log(data.cnam, data.spam_score);