Provide current and historical ownership information on domains / IPs. Identify all connections between domains, registrants, registrars, and DNS servers.
Look into all current and historical DNS / IP connections between domains and A, MX, NS, and other records. Monitor suspicious changes to DNS records.
Get detailed context on an IP address, including its user’s geolocation, time zone, connected domains, connection type, IP range, ASN, and other network ownership details.
Access our web-based solution to dig into and monitor all domain events of interest.
Get access to a web-based enterprise-grade solution to search and monitor domain registrations and ownership details for branded terms, fuzzy matches, registrants of interest, and more.
Detect and block access to and from dangerous domain names before malicious actors can weaponize them. Contact us today for more information.
Unlock integrated intelligence on Internet properties and their ownership, infrastructure, and other attributes.
Our complete set of domain, IP, and DNS intelligence available via API calls as an annual subscription with predictable pricing.
Offers complete access to WHOIS, IP, DNS, and subdomain data for product enrichment, threat hunting and more.
Multi-Level API User Administration Now Available - Manage individual API keys for team members in your organization.
Learn MoreUse server-to-server OAuth to authenticate with WhoisXML APIs when making API requests. This is also known as two-legged OAuth as it uses a two step process flow that does not require user interaction for authentication or authorization. Here's the flow.
You can also check this script on GitHub for an example of how to use the WHOIS API with Server-Side SSO.
Use the accessToken grant type to generate an access token. The features of this grant type are:
Please note that the generated accessToken is used instead of the apiKey parameter in API requests.
curl --location 'https://main.whoisxmlapi.com/oauth/token' \
--header 'Authorization: Bearer %base64_encoded_API_key%' \
--header 'Content-Type: application/json' \
--data '{
"grantType": "access_token",
"expiresIn": 7200
}'
Authorization |
Required. Base64 encoded API key. Authentication scheme: Bearer. Get your personal API key on the My products page. |
grantType |
Required. The grant type to generate an access token. Acceptable values: access_token. |
expiresIn |
Optional. The lifetime of the access token in seconds. Acceptable values: 1800, 3600, 7200, 10800. Default: 3600. |
outputFormat |
Optional. Response output format. Acceptable values: JSON | XML Default: JSON |
{
"accessToken": "G2OIE2AKRCVDYFUJCV5PXXXXXXXXXXXX",
"expiresIn": 3600
}
Use the accessToken value in the response to authenticate your API requests. Substitute the resulting value into the apiKey field as you would with a normal API key without OAuth.
{
"code": 401,
"messages": "Access restricted. Check the credits balance or enter the correct API key."
}
{
"code": 422,
"messages": {
"grantType": [
"The selected grant type is invalid."
]
}
}
curl --location 'https://www.whoisxmlapi.com/whoisserver/WhoisService?domainName=google.com' \
--header 'Authorization: Bearer %accessToken%'
curl --location 'https://www.whoisxmlapi.com/whoisserver/WhoisService' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer %accessToken%' \
--data '{
"domainName": "google.com"
}'
We are here to listen. For a quick response, please select your request type. By submitting a request, you agree to our Terms of Service and Privacy Policy.