Getting Started

Get an API key

1. Go to console.whisper.security and create a free account
2. Once logged in, generate an API key from the console dashboard

Anonymous access

No API key is required to get started. Without one, your requests run under the Anonymous tier: lower rate limits, a maximum traversal depth of 2 hops, and no access to procedures like whisper.history(). This is enough to test basic lookups and explore the schema.

Server and authentication

Three additional authentication methods are also supported:

Invalid API keys degrade gracefully to Anonymous tier limits rather than returning an authentication error.

All examples below assume:

BASE=https://graph.whisper.security
API_KEY=YOUR_API_KEY

Your first query

Resolve a hostname to its IP address:

curl -s -X POST $BASE/api/query \
  -H "Content-Type: application/json" \
  -H "X-API-Key: $API_KEY" \
  -d '{"query": "MATCH (h:HOSTNAME {name: \\"www.google.com\\"})-[:RESOLVES_TO]->(ip:IPV4) RETURN h.name, ip.name LIMIT 5"}'

Response:

{
  "columns": ["h.name", "ip.name"],
  "rows": [
    {"h.name": "www.google.com", "ip.name": "142.250.64.100"},
    {"h.name": "www.google.com", "ip.name": "142.251.150.119"},
    {"h.name": "www.google.com", "ip.name": "142.251.151.119"}
  ],
  "statistics": {"rowCount": 3, "executionTimeMs": 0}
}

IP addresses change with DNS updates; the structure is what matters.

Understanding results

Every response has three fields:

Check your plan and usage

CALL whisper.quota()

Returns your current plan tier, hourly query limit, usage count, maximum traversal depth, and concurrent query count.

For full endpoint documentation, see the Cypher API Reference. For query syntax and the graph schema, see the Cypher Language Reference. For ready-to-run recipes, see the Query Cookbook.