Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.wazzapi.com/llms.txt

Use this file to discover all available pages before exploring further.

Authentication

WazzAPI supports two main authentication paths depending on how you use the platform.

Dashboard authentication

The dashboard sign-in flow is designed for people using the product directly.
  • sign-in is currently Google-only
  • authenticated users operate through sessions and cookies
  • access is controlled by your organization membership and role
Use dashboard authentication when you are working in the product interface.

API Key Authentication

API keys are the standard authentication method for server-to-server integrations with the WazzAPI API.
This is the recommended method for backend services, automations, and webhook consumers.

How It Works

Include your API key in the Authorization header of every request:
Authentication Header
Authorization: Bearer YOUR_API_KEY

Example Request

cURL
curl -X POST https://api.wazzapi.com/api/v1/messages/send \
  -H "Authorization: Bearer wz_live_abc123..." \
  -H "Content-Type: application/json" \
  -d '{
    "phone_number": "6281234567890",
    "content": "Hello from WazzAPI!",
    "message_type": "text",
    "whatsapp_account_id": "00000000-0000-0000-0000-000000000000"
  }'

Managing Keys

You can create and manage API keys from the Developers area in the dashboard.
  • Keys belong to your organization.
  • Keys can include scopes and expiry settings.
  • Keys respect your available permissions and plan limits.
  • You can revoke or rotate keys at any time.
Never expose your API keys in client-side code (browsers, mobile apps). Always proxy requests through your own backend.

MCP authentication

WazzAPI MCP uses the same WazzAPI account access model, but the hosted MCP server authenticates with a custom header instead of the REST API Bearer format. 
wazzapi-api-key: YOUR_API_TOKEN
Use MCP when you are connecting WazzAPI to tools such as Claude Code, Cursor, or VS Code. Use the REST API when you are building deterministic backend application flows.
See the dedicated WazzAPI MCP guide for the hosted MCP URL, Claude Code setup command, workspace path constraints, and agent mode.

Troubleshooting

Common authentication errors:
Error CodeMeaningSolution
401 UnauthorizedInvalid or missing keyCheck your Authorization header format.
403 ForbiddenInsufficient permissionsVerify the key belongs to the correct organization and includes the required scope.
429 Too Many RequestsPlan or rate limit reachedCheck billing or rate-limit guidance before retrying.
  • Humans → sign in through the dashboard
  • Backends and automations → call the API with Bearer API keys