WAHooks
API Reference

Authentication

How to authenticate with the WAHooks API

API Token

The recommended authentication method for programmatic access. Create tokens via the CLI or API.

curl https://api.wahooks.com/api/connections \
  -H "Authorization: Bearer wh_your_api_token"

API tokens:

  • Start with wh_
  • Never expire (until revoked)
  • Scoped to the user who created them

Supabase JWT

Used by the dashboard and CLI. Obtained through the Supabase Auth login flow.

curl https://api.wahooks.com/api/connections \
  -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIs..."

JWTs expire after 1 hour and must be refreshed using the refresh token.

Error responses

Missing authentication

{
  "message": "Missing or invalid Authorization header",
  "statusCode": 401
}

Invalid token

{
  "message": "Invalid or revoked API token",
  "statusCode": 401
}

Expired JWT

{
  "message": "Token has expired",
  "statusCode": 401
}
Edit on GitHub

API Overview

WAHooks REST API reference

List Connections

List all WhatsApp connections for the authenticated user.

On this page

API TokenSupabase JWTError responsesMissing authenticationInvalid tokenExpired JWT