Blog / WhatRuns API Key

WhatRuns API Key: Free Alternative + 30-Second Setup

April 8, 2026 (updated May 25, 2026) · 5 min read

Does WhatRuns have an API key?

No. WhatRuns is a Chrome and Firefox browser extension only. It has no public REST API, no documented endpoints, no API tokens or keys, and no programmatic access. Searches for "WhatRuns API key" or "WhatRuns API documentation" return nothing because the product was built for manual in-browser lookups, not automation.

What is the closest free WhatRuns alternative with an API key?

DetectZeStack is a free REST API for the same tech-detection use case. It uses the same Wappalyzer fingerprint database WhatRuns is based on, plus DNS CNAME inspection, TLS certificate analysis, and HTTP header pattern matching. The free tier is 100 requests per month with no credit card. Paid tiers start at $9/month for 1,000 requests — compared to BuiltWith's $995/month and Wappalyzer's $450/month.

How do I get a DetectZeStack API key?

Sign up at rapidapi.com/mlugoapx/api/detectzestack for an instant key tied to your RapidAPI account, or sign up directly at detectzestack.com/signup with email-magic-link verification. Either path gives you a key in under a minute. The first API call you'll make is curl -H "X-API-Key: YOUR_KEY" https://detectzestack.com/analyze?url=stripe.com and returns JSON with the full detected tech stack.

Why this article exists

The "WhatRuns API key" search query is high-volume and unanswered. WhatRuns built a useful browser extension, never shipped an API, and was acquired in 2023 with the product effectively unchanged. Developers searching for an API key keep finding tutorials that don't apply. The rest of this page covers what WhatRuns lacks, what an API for this use case actually looks like, and how to get started in under a minute.

Why WhatRuns Has No API

WhatRuns was built as a Chrome and Firefox browser extension for manual tech lookups. You visit a website, click the extension icon, and see what technologies the site uses. That's the entire product.

There is no:

WhatRuns works well for what it is—quick, manual lookups while browsing. But if you need to detect technologies from a script, CI/CD pipeline, backend service, or any automated workflow, you need an actual API.

What Developers Actually Need

When people search for a "WhatRuns API key," they're usually trying to solve one of these problems:

All of these require an API. WhatRuns can't help with any of them.

DetectZeStack: The API Alternative

DetectZeStack is a REST API built for exactly this use case. You get an API key, make HTTP requests, and receive structured JSON responses with detected technologies.

Get your free API key

Sign up on RapidAPI (free, no credit card required) and make your first request:

curl -s "https://detectzestack.p.rapidapi.com/analyze?url=example.com" \
  -H "X-RapidAPI-Key: YOUR_KEY" \
  -H "X-RapidAPI-Host: detectzestack.p.rapidapi.com" | jq '.'

The response includes every detected technology with categories, confidence scores, and CPE identifiers when available.

Batch analysis

Analyze up to 10 sites in a single request:

curl -X POST "https://detectzestack.p.rapidapi.com/analyze/batch" \
  -H "X-RapidAPI-Key: YOUR_KEY" \
  -H "X-RapidAPI-Host: detectzestack.p.rapidapi.com" \
  -H "Content-Type: application/json" \
  -d '{"urls": ["stripe.com", "shopify.com", "github.com"]}'

Python example

import requests

headers = {
    "X-RapidAPI-Key": "YOUR_KEY",
    "X-RapidAPI-Host": "detectzestack.p.rapidapi.com"
}

resp = requests.get(
    "https://detectzestack.p.rapidapi.com/analyze",
    headers=headers,
    params={"url": "example.com"}
)

for tech in resp.json().get("technologies", []):
    print(f"{tech['name']} ({tech['category']})")

WhatRuns vs DetectZeStack

Feature WhatRuns DetectZeStack
API access No API Full REST API
API key available No Yes (free on RapidAPI)
API documentation None OpenAPI spec + RapidAPI docs
Batch analysis No Up to 10 URLs per request
DNS detection No Yes (CDN, hosting via CNAME)
TLS certificate analysis No Yes (CA, cert details)
CPE identifiers No Yes (NVD vulnerability mapping)
Change tracking No Yes (/changes feed)
Webhook alerts No Yes
Pricing Free (extension only) Free tier (100 req/mo), from $9/mo

Frequently Asked Questions

How do I get a WhatRuns API key?
You can't. WhatRuns is a browser extension only—it has no API and no API keys. For a tech detection API key, sign up for free on DetectZeStack via RapidAPI (100 requests/month, no credit card).

Is there WhatRuns API documentation?
No. WhatRuns has no API, so there's no documentation. DetectZeStack provides full OpenAPI documentation and interactive docs on RapidAPI.

What is the best alternative to WhatRuns with an API?
DetectZeStack is the most affordable option with a free tier. Wappalyzer offers an API starting at $250/month, and BuiltWith at $995/month for API access. DetectZeStack starts free with paid plans from $9/month.

Can I use WhatRuns in a script or CI/CD pipeline?
No. WhatRuns only works as a manual browser extension. For scripting and automation, use DetectZeStack's REST API with any HTTP client—curl, Python requests, JavaScript fetch, or any language.

Related Reading

Get Your Free API Key

100 requests/month free. Full API with DNS, TLS, CPE, and change tracking.

Get API Key on RapidAPI

Get API updates and tech detection tips

Join the mailing list. No spam, unsubscribe anytime.