Menu

Authentication

All API requests require authentication via API key.

Bearer Token

Include your API key in the Authorization header:

Authorization: Bearer mw_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

API Key Format

Keys are prefixed with mw_ followed by 40 random characters. The raw key is shown only once at creation — store it securely.

Session Binding

Each API key is bound to a specific WhatsApp session. When you make API calls, the session is determined automatically from your key. This means:

  • No session IDs in API requests
  • One key = one session (create multiple keys for multiple sessions)
  • Keys can be revoked independently without affecting other keys

Key Management

  • Generate and revoke keys from the API Keys page in the dashboard
  • Revoke compromised keys immediately — revocation is instant and permanent
  • Each key tracks its last usage timestamp

Rate Limiting

API requests are rate-limited per key. Free plans: 60 requests/minute. Pro plans: 300 requests/minute. Enterprise: custom limits.