Skip to main content
POST
/
v2
/
contacts
/
search
Search Contacts (V2)
curl --request POST \
  --url https://api.heymarket.com/v2/contacts/search \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "contact_channels": [
    {
      "channel_ids": [
        "14155551234",
        "14155559876"
      ],
      "channel_type": "phone"
    }
  ]
}
'
[
  {
    "avatar": "<string>",
    "created": "<string>",
    "creator_id": 123,
    "custom": {},
    "display_name": "<string>",
    "email": "<string>",
    "external_id": "<string>",
    "external_ref": "<string>",
    "first": "<string>",
    "id": 123,
    "inbox_id": 123,
    "last": "<string>",
    "note": [
      {
        "date": "<string>",
        "id": "<string>",
        "name": "<string>",
        "text": "<string>",
        "user_id": 123
      }
    ],
    "op": "<string>",
    "parent_id": 123,
    "phone": "<string>",
    "rev": 123,
    "shared": true,
    "team_id": 123,
    "type": "<string>",
    "updated": "<string>",
    "assigned_user_id": 123,
    "tags": [
      "<unknown>"
    ]
  }
]
Use this endpoint when you know a channel value and need the matching contact.

Authorizations

Authorization
string
header
required

Recommended authentication for new integrations. Generate a short-lived JWT from your API Secret ID and API Secret Key, then pass the signed JWT as a bearer token in the Authorization header.

API Secret credentials are available in the Heymarket app under Settings > Integrations > API. The Secret Key is shown only when it is generated, so copy and store it securely before closing the dialog.

Use the following JWT values:

{
  "alg": "HS256",
  "typ": "JWT"
}
{
  "iss": "YOUR_API_SECRET_ID",
  "iat": CURRENT_UNIX_TIMESTAMP
}

Replace CURRENT_UNIX_TIMESTAMP with the current Unix timestamp in seconds when generating the token.

Sign the JWT with HMAC-SHA256 using this signing secret:

YOUR_API_SECRET_ID||YOUR_API_SECRET_KEY

Send the signed JWT as a bearer token:

Authorization: Bearer YOUR_SIGNED_JWT

Tokens expire 5 minutes after the iat timestamp. Generate a new JWT per request, or cache it briefly for less than 5 minutes. Generate JWTs only from trusted server-side code; do not expose the API Secret Key in browser, mobile, or other client-side code.

Body

application/json

Search parameters

contact_channels
object[]
required

One or more channel entries to search by. Each entry specifies the channel type and a list of IDs to match. If channel_type is omitted, the type is inferred from the ID format (e.g. E.164 phone → phone, email format → email).

Response

Matching contacts

avatar
string
created
string
creator_id
integer
custom
object
display_name
string
email
string
external_id
string
external_ref
string
first
string
id
integer
inbox_id
integer
last
string
note
object[]
op
string
parent_id
integer
phone
string
rev
integer
shared
boolean
team_id
integer
type
string
updated
string
assigned_user_id
integer
tags
any[]