API Documentation

Simple, fast, and privacy-first API endpoints for IP address lookup. All endpoints are rate-limited to 60 requests per minute per IP address.

Endpoints

GET /api/ip

Returns your IP address as plain text or JSON.

Response (text):

192.168.1.1

Response (JSON, with Accept: application/json header):

{
  "ip": "192.168.1.1"
}

GET /api/context

Returns detailed connection information including IP, version, user agent, and Cloudflare metadata.

Response:

{
  "ip": "192.168.1.1",
  "ipVersion": 4,
  "userAgent": "Mozilla/5.0...",
  "acceptLanguage": "en-US,en;q=0.9",
  "cf": {
    "country": "US",
    "colo": "DFW",
    "asn": 12345,
    "asOrganization": "Example ISP"
  }
}

GET /api/headers

Returns HTTP headers including forwarded IP addresses and client information.

Response:

{
  "clientIp": "192.168.1.1",
  "forwarded": {
    "xForwardedFor": "192.168.1.1",
    "xRealIp": null,
    "forwarded": null,
    "trueClientIp": "192.168.1.1"
  },
  "userAgent": "Mozilla/5.0...",
  "acceptLanguage": "en-US,en;q=0.9"
}

GET /api/health

Health check endpoint. Returns "ok" if the service is operational.

Response:

ok

Rate Limiting

All API endpoints are rate-limited to 60 requests per minute per IP address. When the limit is exceeded, the API returns a 429 Too Many Requests status code.

API Keys

API keys can be used to bypass rate limiting. Include your API key in the Authorization header:

Authorization: Bearer YOUR_API_KEY

Contact support@whatismyiper.com to request an API key.

Response Headers

All API responses include the following security headers:

  • Cache-Control: no-store - Prevents caching
  • X-Content-Type-Options: nosniff - Prevents MIME type sniffing
  • Referrer-Policy: strict-origin-when-cross-origin - Controls referrer information
  • Permissions-Policy: geolocation=(), microphone=(), camera=() - Restricts permissions

Example Usage

cURL

# Get IP as text
curl https://whatismyiper.com/api/ip

# Get IP as JSON
curl -H "Accept: application/json" https://whatismyiper.com/api/ip

# Get context
curl https://whatismyiper.com/api/context

# With API key
curl -H "Authorization: Bearer YOUR_API_KEY" https://whatismyiper.com/api/ip

JavaScript

// Get IP
const response = await fetch('https://whatismyiper.com/api/ip', {
  headers: { 'Accept': 'application/json' }
});
const data = await response.json();
console.log(data.ip);

// Get context
const context = await fetch('https://whatismyiper.com/api/context');
const info = await context.json();
console.log(info);