Sign any TikTok webcast URL with the required X-Bogus and X-Gnarly anti-automation parameters. This is the foundation of the API - TikTok rejects unsigned requests, so this endpoint adds the cryptographic signatures needed for valid requests.

How it works: Send any raw TikTok webcast URL in the request body. The API returns the signed URL with all required parameters appended, plus the User-Agent and cookies you must use when fetching.

Use cases: Building custom TikTok integrations, signing WebSocket URLs for direct connections, or signing any TikTok API endpoint that requires X-Bogus validation.

Response data: Returns signed_url (the URL with signatures), x_bogus, x_gnarly, user_agent, and cookies fields. Always use the returned User-Agent when making the final request to TikTok.

Check if one or more TikTok users are currently live streaming. Returns live status, room ID, stream title, and viewer count for each user.

Lookup methods: Pass unique_id (username) for single-user lookups, or room_ids (comma-separated) to check multiple rooms at once. At least one parameter is required.

Response data: Each entry includes room_id, alive (boolean), title, and userCount. Use this to build monitoring dashboards, trigger alerts when creators go live, or validate a stream before connecting via WebSocket.

Performance: This endpoint is lightweight and cached - ideal for polling. Combine with bulk_live_check for monitoring large lists of creators.

Instant zero-latency liveness check sourced from the relay's internal state - no TikTok API call required. Use this before opening a WebSocket connection to avoid connecting to channels that are offline.

How it works: Checks the relay's Dragonfly cache for any channel currently connected to the relay or recently seen by the leaderboard poller (90s TTL). Returns a result in <5ms.

Limitation: Only covers channels actively tracked by the relay or the live leaderboard. If a channel is live but has never been connected to the relay, it may return alive: false. For a definitive check, use /webcast/check_alive.

Best practice: Use live_status as a fast pre-flight check. Only fall back to check_alive (which calls TikTok) when live_status returns offline for a channel you expect to be live.

Single channel per request. To check many creators in one call, use bulk_live_check (POST with a unique_ids array) - it returns is_live + room_id for each. Do NOT fire many live_status calls in parallel from one server IP; that trips upstream burst throttling and they time out. Batch with bulk_live_check (e.g. 50/call on Pro) and poll every couple of minutes.

Check your current API key's rate limit status, tier information, and remaining quota across all features.

What's returned: Your current tier (free/pro/ultra), API request limits (per-minute sliding window), WebSocket connection limits, bulk check capacity, and feed daily quota. Also includes reset_at timestamp for when limits refresh.

Use cases: Monitor quota consumption in production, display remaining capacity in dashboards, or implement client-side throttling to avoid hitting limits.

Headers: Every API response also includes X-RateLimit-Limit, X-RateLimit-Remaining, and X-RateLimit-Reset headers - but this endpoint gives a comprehensive overview of all your limits in one call.

Fetch live stream events via HTTP long-polling. Returns the same real-time data as WebSocket (chat, gifts, likes, battles) but over HTTP. Uses TikTok's binary protobuf protocol and returns decoded events.

How it works: The API signs and fetches TikTok's internal polling endpoint, decodes the protobuf response, and returns structured event data. Pass a cursor from the previous response for continuous polling.

Identification: Provide either unique_id (username) or room_id. If using unique_id, the server resolves the room ID automatically.

WebSocket vs Fetch: WebSocket connections are preferred for real-time use - they deliver events instantly with lower latency. Use /webcast/fetch when WebSocket is not possible (serverless environments, HTTP-only infrastructure) or for one-off data snapshots.

Get comprehensive information about a live stream room including the host's profile, stream title, viewer count, start time, and stream configuration.

Response data: Returns owner profile (nickname, uniqueId, profilePictureUrl, follower count), room metadata (title, user_count, like_count, create_time), stream URLs, cover images, and room status.

Identification: Provide either unique_id (username) or room_id. Returns an error if the user is not currently live.

Use cases: Pre-flight checks before WebSocket connection, building stream info cards/embeds, monitoring dashboards, or collecting the room ID for use with other endpoints like rankings or gift_info.

Server-side / datacenter IPs - use mode: "fetch" (Pro+): By default this endpoint returns a signed_url you fetch yourself. TikTok blocks datacenter egress to its webcast host, so that fetch returns an empty body from a server. Instead pass mode: "fetch" with a room_id and TikTool fetches TikTok on our infrastructure and returns the parsed JSON directly - user_count (live viewers), total_user, title, like_count, live_duration_seconds, owner, status - and it works from any datacenter IP. mode: "fetch" needs a room_id, so resolve it first server-side with live_status (GET /webcast/live_status?unique_id=<handle> returns is_live + room_id), then call room_info with { "room_id": "...", "mode": "fetch" }. No page-scraping, no signed_url, no residential IP needed. (title may be empty if the creator set none; total_user may be null.)

Get live stream video playback URLs in multiple formats and quality levels. Returns HLS (.m3u8), FLV, and direct origin URLs suitable for embedding or processing.

Stream formats: hls_pull_url for adaptive bitrate (best for web players), flv_pull_url for low-latency playback, and origin URLs for the highest quality source stream. Multiple resolutions are available (SD, HD, FULL_HD).

Use cases: Building custom live stream players, recording/archiving streams, feeding audio to transcription services (used internally by our Live Captions feature), or creating multi-stream monitoring walls.

Important: Stream URLs are time-limited and will expire. Re-fetch periodically if you need to maintain long-running playback. The hls format provides the most reliable playback across browsers and devices.

Check live status for multiple TikTok users in a single request. Returns the same data as check_alive but for up to 100 users simultaneously.

Batch limits: Free: 1 user, Pro: up to 50 users, Ultra: up to 100 users per request. Pass usernames as a JSON array in the request body.

Response data: Returns an array with each user's unique_id, room_id, alive status, title, and userCount. Users who are offline return alive: false with an empty room_id.

Use cases: Creator monitoring dashboards that track dozens of streamers, automated alert systems, multi-stream aggregators, or periodically scanning talent rosters to detect who's live.

Get pre-signed WebSocket connection credentials for establishing a direct connection to TikTok's live stream WebSocket servers. Returns everything needed to connect without using the managed relay.

What's returned: A signed websocket_url (with X-Bogus), cookies (ttwid, session), user_agent, room_id, and cluster_region. Use these to create your own WebSocket connection directly to TikTok.

When to use: Advanced users building custom WebSocket clients who need direct TikTok connections (without using our managed relay). Most users should use the managed WebSocket connection (wss://api.tik.tools) or the Node.js SDK instead.

Important: Direct connections count toward TikTok's per-IP WebSocket limit (~4 concurrent). If you need more, use our managed relay which distributes connections across multiple IPs.

Sign a TikTok WebSocket URL with X-Bogus parameters for direct connection to TikTok's webcast-ws servers. This is the WebSocket-specific equivalent of sign_url.

How it works: Provide a room_id and the API generates a fully signed WebSocket URL targeting the correct regional TikTok WebSocket server (webcast-ws.tiktok.com, webcast-ws.us.tiktok.com, etc.).

Response: Returns signed_url (the complete wss:// URL), cookies, and user_agent. Connect using these credentials with the provided cookies in the WebSocket handshake headers.

Use case: Building custom WebSocket clients in languages without our SDK, or when you need fine-grained control over the WebSocket lifecycle. The SDK handles this internally - most users won't need this endpoint directly.

Resolve numeric TikTok user IDs to their corresponding usernames (unique_id/display_id). Accepts up to 20 user IDs per request with server-side caching for fast lookups.

When you need this: TikTok's internal APIs and WebSocket events often send numeric user IDs (like 6892636847263982593) instead of readable usernames. This endpoint converts them back to @username format.

Caching: Results are cached server-side for 24 hours. Repeated lookups for the same user IDs are instant and don't count toward rate limits.

Response data: Returns a data object keyed by the userId, each value { userId, username, nickname, avatarUrl, cached }. Users whose IDs can't be resolved (deleted/banned accounts) come back with username/nickname/avatarUrl all null. This is the canonical way to turn a numeric userId from a WS event (e.g. the co-host id in a linkMic frame's extras["5"]) into a readable profile.

Reverse lookup: unique_id (the @username) → numeric TikTok user ID + full public profile metadata.

When you need this: - You have a TikTok username and need the numeric user ID (e.g. for cross-referencing with chat/gift events that ship userId) - You want bio, follower/following counts, video count, verification status, avatar URLs - You need the secUid (TikTok's signed user identifier, required for some downstream APIs)

Caching: Profile results cached server-side for 24h. Repeated lookups for the same unique_id are instant and don't burn quota. Pass nocache=1 to bypass (useful for bio-verification flows where the user just updated their profile).

Returns: - id - numeric TikTok user ID - uniqueId - @username - secUid - signed user identifier (used internally by TikTok) - nickname - display name - signature - bio text - bioLink - the creator's native link-in-bio (URL); empty string if they haven't set one. bioLinkRisk is TikTok's link-risk score. Resolved server-side, so it works from a datacenter IP. (Some creators paste their link into the bio text instead - that's in signature.) - verified - boolean blue-check flag - avatarThumb / avatarMedium / avatarLarger - three avatar resolutions - stats - followerCount, followingCount, heartCount, videoCount - league - current Diamond Rush league standing (see below)

League field (Ultra+ only): Every response includes a top-level league object with the user's current Diamond Rush class + rank. Ultra and Global Agency tiers receive the real class label (A1/A2/D5/etc.) + region + rank. Pro and lower tiers receive an upgrade prompt.

- Ultra+: { found: true, region: 'IT+', classType: 100, classLabel: 'D5', rank: 1 } - Pro/Basic: { found: true, available_on: 'ultra+', message: 'Upgrade to Ultra or Global for Rankings', upgrade_url: 'https://tik.tools/pricing' } - Not in any league: { found: false, region: null, classType: null, classLabel: null, rank: null }

League snapshots refresh every ~60s from the leaderboard poller; per-user lookup is cached server-side for 5 minutes.

Tier limits: Pro 1,000/day, Ultra 10,000/day, Admin unlimited. Sub-Pro tiers receive 403.

Generate a JWT (JSON Web Token) for secure frontend WebSocket connections. JWTs allow your client-side code to connect without exposing your API key.

Security model: Generate JWTs server-side using your API key, then pass the jwtKey to your frontend. The JWT can be scoped to specific creators (allowed_creators) and limited to a set number of concurrent connections.

Expiry: Tokens expire after expire_after seconds (default: 3600 = 1 hour). After expiry, the client must request a new token from your backend.

Use cases: Web applications where the frontend connects directly to wss://api.tik.tools?uniqueId=USERNAME&jwtKey=TOKEN. This keeps your API key on the server while letting browsers connect to the WebSocket.

Get real-time leaderboard data for a live room - top gifters, online audience rankings, and engagement scores. Uses the "sign-and-return" pattern for authenticated data.

Data available: In-room top gifters (online_audience - ranked by diamonds sent this session), all-time gifter leaderboard (anchor_rank_list), and entrance configuration (ranking tabs, timer info, class/league badges).

Authentication: For full leaderboard data, include your TikTok session cookies via x-cookie-header. Without authentication, the endpoint returns limited ranking data.

Response pattern: Returns a signed_url that you fetch with session cookies to get TikTok's ranking data. Each rank entry includes user (nickname, avatar, follower count), score (diamonds), and rank position.

List all available league classes (A1, A2, B5, C1, D1, etc.) discovered for a region.

What are leagues? TikTok groups LIVE creators into competitive classes based on earnings tier. Each class (A1 = top earners, D2 = entry level) has its own leaderboard. Agencies use this to identify which class a creator competes in without manually checking TikTok.

Access: Ultra developer tier or Agency subscription only. Non-qualifying users see league tab names but not creator data.

Data source: Updated every 5 minutes by the leaderboard poller via live anchor probing. Regions with active streams populate faster.

Response: Array of { classType, classLabel, count, updatedAt } - one entry per discovered class.

Get the ranked creator list for a specific league class within a region.

Full access (Ultra + Agency): All entries (up to 99) with nickname, avatar, score, rank, and live status.

Teaser (all other tiers): 5 randomly sampled entries only.

classType values: A1=2000, A2=1900, B5=1100, C1=1000, C2=900, D1=500, D2=400, D3=300. Fetch available classTypes from /api/leaderboards/leagues/:region first.

Live enrichment: Each entry includes isLive and roomId if the creator is currently streaming.

Agency use case: Identify which A1/A2 creators are active in a region for talent scouting without manually checking dozens of profiles.

Resolve a TikTok username to their current live room ID. The server resolves the unique_id to a room_id on your behalf - no client-side page parsing needed.

How it works: The server checks its cache first (30-minute TTL). Resolution falls back to a live lookup on cache miss. Reliability varies by tier - Pro/Ultra/Admin requests use a higher-priority resolution path.

Freshness guarantee (Pro+): If a cached room ID is found but the user is no longer live on that room, the server automatically invalidates all cache layers and re-resolves. This ensures you always get the current room ID, even if a streamer went offline and started a new stream (which creates a new room ID). When this happens, the response includes stale_fix: true.

Response data: Returns unique_id, room_id, alive (whether the user is currently live), cached (whether the result came from server cache), and optionally stale_fix (if a stale cached room was detected and re-resolved). Use the returned room_id with other endpoints like sign_websocket, rankings, gift_info, etc.

Use cases: When you only have a username and need the room_id for other API calls. Many endpoints accept unique_id directly, but some (like sign_websocket) require the room ID. This endpoint eliminates the need for client-side TikTok page parsing. Safe to poll every 5-10 minutes - cached results are instant and re-resolution only triggers when needed.

Get the high-quality cover image (thumbnail) URL of an active live stream. Returns the same image TikTok displays on the live feed before a user taps to watch.

Image quality: Returns the highest resolution available from TikTok's CDN. Cover images are typically 720x960 or higher, served as JPEG/WebP from TikTok's image CDN.

Use cases: Building live stream galleries, social media embeds, notification cards with stream previews, or monitoring dashboards that show stream thumbnails alongside viewer counts.

Note: Cover images are set by the streamer before going live. If no custom cover is set, TikTok uses a default or auto-generated thumbnail. Returns an error if the user is not currently live.

Get currently trending live stream hashtags from TikTok. Returns hashtag names, live viewer counts, and associated metadata.

Response data: Each hashtag includes id, title (the hashtag text), user_count (total viewers across all streams using this hashtag), and related metadata. Results are sorted by popularity.

Use cases: Discover trending topics for content strategy, build hashtag explorers, analyze live streaming trends over time, or filter the feed by popular hashtags.

Pagination: Use the count parameter to control results per page (default: 20, max: 50). The endpoint uses TikTok's internal trending algorithm, so results update frequently as trending topics shift.

Get the global TikTok gift catalog: every gift name, diamond cost, icon URL, ID. The catalog is room-independent - call the endpoint with no params, get the catalog back. Tier-branched response:

- Sandbox / Basic / Pro → returns a static 50-gift SAMPLE so you can build + test your UI against the real schema without paying. Shape: { status_code, source: "sample", is_sample: true, count: 50, data: { gifts: [...] }, your_tier, upgrade_url }. ~9.7KB, instant response. - Ultra / Global Agency → returns the full live catalog (~500-1000 gifts), parsed and ready to use. Shape: { status_code, mode: "fetch", data: { room_id, gifts: [...] } }. Catalog is refreshed hourly upstream from TikTok. ~100KB, ~1-2s response (server-side fetch via our proxy pool).

Same response key path (data.gifts[]) on every tier so your client code works without changes when you upgrade.

Recommended workflow (matches what every enterprise client builds): 1. Cache the full catalog on Ultra at app startup (one call/day is plenty). 2. Live events (all paid plans) → WebSocket sends just gift_id + sender + count for zero-latency delivery. 3. Local match → look up the gift_id in your cached catalog to display the correct icon + calculate diamonds. 4. Auto-update → if a WebSocket gift_id is missing from your cache, refresh the catalog (new gift just shipped from TikTok).

Each gift entry has: id, name, icon_url (or icon on Ultra fetch shape), diamond_count, value_usd (1 diamond ≈ $0.005). Sandbox/Basic/Pro samples include is_sample: true and source: "sample" so your client can detect dev vs prod data.

Why Ultra? TikTok ships new gifts hourly. A one-off pull goes stale fast. Ultra subscribers get the hourly auto-refresh + worldwide creator coverage across every leaderboard + league.

Get the gift catalog for a specific country/region. TikTok scopes the gift panel to the region of the LIVE room it is served from, so this endpoint anchors to a currently-live creator in the requested region's leaderboard and returns that room's catalog - each gift with ID, icon URL, diamond value, USD value, and whether it is a streakable/combo gift.

Tier-branched response: - Sandbox / Basic / Pro → static 50-gift sample so you can build against the schema. Shape: { status_code, source: "sample", is_sample: true, message, data: { country, region, gifts }, your_tier, upgrade_url }. - Ultra / Global Agency → live per-country catalog for the region you request.

Params: country - an ISO country code (US, GB, BR, JP, DE, ...) or a tracked region code. One country per call.

Each gift entry: id, name, icon_url, diamond_count, value_usd (= diamond_count / 100), type, combo, streakable (streakable = combo gift, can be held/sent in a rapid streak).

Notes: A creator must be currently LIVE in the region to anchor the panel (else 503 - retry shortly or try another country). Catalogs change slowly, so cache results - this endpoint is rate-limited to 60 calls/hour per key.

Available on Ultra+. Upgrade at https://tik.tools/pricing.

Get the per-creator Gift Gallery summary - the curated gift wishlist a TikTok creator picks BEFORE going LIVE so viewers can help fulfill it. Returns whether the creator is qualified to use Gift Gallery, the total gallery size, how many gifts they've already lit this period, and their gallery league tier.

What is a Gift Gallery? TikTok creators on the LIVE Gift Gallery program select a curated set of gifts (the "wishlist") before going live. Viewers see a dedicated gallery icon during the stream and can send gifts from that wishlist to help the creator "light up" each slot. Filled slots unlock per-creator rewards + league promotion.

Tier-branched response:

- Sandbox / Basic / Pro -> returns a static SAMPLE so you can build + test your UI against the real schema without paying. Shape: { status_code: 0, source: "sample", is_sample: true, your_tier, upgrade_url, upgrade_message, data: {...} }. Same response shape as Ultra+, so client code works without changes on upgrade. - Ultra / Agency Global / Admin -> returns the live per-creator data signed via webmssdk through our residential proxy pool. Shape: { status_code: 0, data: {...} }.

Detect sample vs live: check the top-level is_sample boolean. Sample responses also carry your_tier + upgrade_url so your client can branch logic safely.

Use cases (Ultra+ with live data): discover which creators are running active gift wishlists, surface progress (e.g. "8 of 10 lit") in third-party dashboards, target sponsored campaigns, score creators by Gallery league for partnership outreach.

Resolution: pass either unique_id (we resolve sec_uid + the creator's current room_id automatically) OR pass sec_uid + room_id directly if you already have them.

Creator must be currently LIVE (Ultra+ only). The upstream gift_gallery endpoint validates the room_id against the creator's active session - calls with no active room return error: "creator_not_live". Sandbox/Basic/Pro sample responses are returned regardless of LIVE state so you can keep building. Poll /webcast/is_live first OR subscribe via the WebSocket and call /webcast/gift_gallery from your roomStart handler.

Refresh cadence: TikTok updates lighted_gift_count in near-real-time during a LIVE; period rolls over monthly. Cache responses for ~60 seconds per (sec_uid) on your side to be polite.

Send a chat message to a live TikTok room as the logged-in user. One call - the server signs, joins the room, sends, and confirms the message actually appeared in the live chat.

Authentication: include TikTok session cookies via the x-cookie-header header. Minimum required is sessionid + tt-target-idc (the data-center cookie, e.g. eu-ttp2). Get them from browser DevTools → Application → Cookies → tiktok.com.

Use a real, established account. Brand-new accounts (auto usernames like user35441..., no avatar/posts, or under ~24h old) are auto-shadowbanned from live chat by TikTok and return delivered: false no matter what.

delivered is the truth. TikTok returns status_code: 0 even on messages it silently shadow-drops. This endpoint confirms your message appeared in the room's live event stream and reports delivered: true / false. Do not rely on status_code alone.

Retrieve TikTok LIVE earnings data for a creator including diamonds received, coin equivalent, and period breakdowns. This is an authenticated endpoint that relays TikTok's creator earnings API.

Authentication required: You must include TikTok session cookies via x-cookie-header. Only works when the session belongs to the creator whose earnings are being requested (you can't view other people's earnings).

Response data: Returns diamonds (total received), coins (equivalent coin value), and period breakdown. Diamond-to-USD conversion: 1 diamond ≈ $0.005 USD.

Use cases: Creator dashboards showing real-time earnings, financial analytics for agency talent management, or automated earnings reports for multi-stream operations.

Discover currently live TikTok LIVE streams. Uses a two-step "sign-and-return" pattern - the API returns a signed URL with headers and cookies that you fetch from YOUR own IP to get the actual TikTok feed data.

Authentication: Include your TikTok session_id cookie for personalized, populated results. Without it, results are anonymous and limited (~5 rooms).

Channels: 87 = Recommended - the main "For You" infinite scroll feed, 86 = Suggested - sidebar host recommendations (shown while watching), 89 or 1111006 = Gaming, 42 = Following (requires session).

Geo-targeting: Feed results are determined by the IP address making the final TikTok fetch (Step 2), NOT by the region parameter. Since you fetch the signed URL from your own client, you'll see content relevant to your geographic location. The region param is passed to TikTok but has minimal effect on results.

Pagination: The API automatically switches to TikTok's "load more" mode when you pass a max_time cursor. Fetch the signed URL → parse the TikTok JSON response → read data.extra.max_time → pass it as max_time in your next call. Each page returns ~6-15 rooms; keep paginating for continuous discovery. The response also includes a load_more_url template - just replace {MAX_TIME} with the cursor.

Rate limits: Pro: 100 calls/day. Ultra: 2,000 calls/day. Response includes feed_remaining and feed_limit fields.

Response data: Each room includes owner.display_id (username), owner.nickname (display name), title, user_count (viewers), owner.avatar_thumb (profile photo), id_str (room ID), and more.

List historical live stream recordings for a TikTok account. Returns past streams with metadata including title, duration, viewer count, and stream date. Requires authenticated TikTok session cookies.

Authentication required: Include session cookies via x-cookie-header. Only accessible for the account that owns the session - you cannot view another creator's video history.

Response data: Each entry includes video_id (stream identifier), title, duration (seconds), viewer_count (peak viewers), create_time (start timestamp), and engagement metrics.

Use cases: Building creator analytics dashboards, tracking streaming performance over time, generating stream history reports, or identifying a specific video_id for use with the video_detail endpoint.

Get granular analytics for a specific past live stream session. Returns detailed performance metrics including total views, peak concurrent viewers, gifts received, new followers gained, and engagement rates. Requires authenticated TikTok session cookies.

Authentication required: Include session cookies via x-cookie-header. Access is restricted to the account's own streams.

Response data: Includes views (total), duration (seconds), peak_viewers, gifts (total diamond value), new_followers, likes, comments, and period-specific breakdowns. The video_id comes from the video_list endpoint.

Use cases: Post-stream analytics reports, A/B testing different stream formats, tracking creator growth metrics, or building agency reporting dashboards that aggregate performance across multiple creators.

Get the real-time online audience roster for a live room, ranked by gift score (diamonds sent during this session). Returns each viewer's rank, score, and full profile. Requires authenticated TikTok session cookies.

How it works: Uses the "sign-and-return" pattern. The API returns a signed_url that you fetch with your session cookies to get TikTok's audience data. The anchor_id (host's user ID) is auto-resolved from the room_id.

Response data: Each entry includes rank (1-based position), score (diamonds sent this session), and user profile with nickname, display_id, id_str, avatar_thumb, and follow_info (follower/following counts).

Use cases: Identifying top supporters in real-time, building live leaderboard overlays, tracking viewer engagement and spending patterns, or providing viewer analytics for agency clients.

Bundled endpoint - fetches both a scoped JWT token and stream video URLs in a single request. Ideal for frontend apps that need to open a WebSocket and play video simultaneously. Rate limited to 10 req/min.

Get regional LIVE leaderboard rankings - daily, hourly, popular, or league. Returns a signed URL that the client fetches with their own TikTok session cookie. Requires Pro or Ultra tier.

TikTok LIVE Gaming Ranks per region: the overall gaming leaderboard plus that region's 3 top game boards (per-game weekly, ~99 creators each). Served from our continuously-maintained cache - no TikTok session needed. Global Agency tier gets every name unmasked; all other tiers receive the exact same response shape with the top 3 names as a teaser and the rest dot-masked, plus an upgrade prompt, so you can build against the structure before upgrading.

The "99+" view: every creator who entered the Gaming Top 99 at ANY point during the current rank-day - including the reset-time churn where a creator holds a spot for seconds - per game. TikTok only ever exposes the live Top 99; this surfaces who moved through and below the cutoff, sourced from our rank-history (no extra consumption). Each mover carries their best (peak) rank of the day, peak diamonds, how many times they appeared, whether they are live now, and the diamonds needed to re-enter the current Top 99. Global Agency tier gets every name unmasked; all other tiers get the same shape with dot-masked identifiers (real ranks + scores shown) plus an upgrade prompt.

The "entered today, below cutoff now" view for the standard regional/country leaderboards (single board per region, vs gaming_movers per game). Every creator who held a board spot at ANY point during the current rank-day - including the reset-time churn - but sits below the live cutoff now, sourced from our rank-history (no extra consumption). Each mover carries their best (peak) rank of the day, peak diamonds, appearances, whether they are live now, and the diamonds needed to re-enter. Global Agency tier gets every name unmasked; all other tiers get the same shape with dot-masked identifiers (real ranks + scores shown) plus an upgrade prompt.

NEW: the weekly TikTok Shop Live Shopping leaderboard per region - the creators driving the most GMV on LIVE this week, recorded continuously on the same rotation as the rest of the rank intel (no TikTok session needed). Each rank carries the creator handle, display name, the week's GMV score, and whether they are live now. The response also carries the rank-window countdown so you know when the weekly board resets. Global Agency tier gets every name unmasked; all other tiers receive the exact same response shape with the top 3 names as a teaser and the rest dot-masked, plus an upgrade prompt, so you can build against the structure before upgrading. Also live on the website at /tiktok-live-gaming-ranks?board=shopping.

Returns the pre-aggregated TikTok daily creator leaderboard for a region in <50ms (no TikTok roundtrip). The leaderboard-poller continuously snapshots 28 regions every 30-60s using anchor-verified probes and a top-10 cross-region validator that rejects wrong-region scrapes before they corrupt the snapshot. Each entry includes rank, uniqueId, userId, nickname, avatar, diamond score, isLive flag, and roomId for the live ones.

Tier behaviour: SANDBOX / FREE / BASIC / PRO callers receive the real uniqueId + nickname + avatar + score + isLive for ranks 1-3 of every region (so the response shape is fully demonstrable). userId and roomId are nulled even on those top-3 ranks. Ranks 4 to 99 are replaced with random per-request placeholder rows (\creator-<8 hex>\, blank nickname, generic avatar). \masked: true\ is set on every placeholder row. ULTRA / AGENCY GLOBAL / ADMIN receive every rank fully unmasked including userId + roomId.

Returns the TikTok LIVE Gaming Ranking for a region - the live in-app gaming leaderboard, recorded continuously by anchor-verified probes on the same rotation as leagues. Each entry includes rank, uniqueId, nickname, avatar, diamond score, estimated USD, and isLive.

Access: Global Agency only. SANDBOX / FREE / BASIC / PRO / ULTRA callers receive a masked 3-name preview (ranks 1-3 real with real scores as the hook; ranks 4+ replaced with length-matched placeholder rows, masked: true, no avatar). AGENCY GLOBAL / ADMIN receive every rank fully unmasked.

Also live on the website at /tiktok-live-gaming-ranks.

Returns ALL 18 league brackets for a region in one response. Each bracket is a class_type from 100 (lowest) up to 2000 (Diamond) plus 1800/1900 intermediate brackets, with the top-99 creators currently in that bracket. Useful for full-region league analytics, dashboards, or replicating a region's league standings inside another product.

Region parameter: accepts a region code (IT+, BK, UK+, ...) OR a country code (IT, GR, GB, DE, FR, ...) - country codes resolve to their TikTok Business Market region automatically. The response region field echoes the resolved canonical code.

Tier behaviour: every tier can hit this endpoint. SANDBOX through PRO see the top-3 of each bracket fully unmasked (uniqueId + nickname + avatar + score + isLive), with userId and roomId nulled; ranks 4 to 99 are replaced with random placeholder rows. ULTRA / AGENCY GLOBAL / ADMIN see every rank with all identifiers.

Returns a single league bracket (one class_type) inside a region. Cheaper than /leaderboard/leagues when you only care about the top-tier bracket (Diamond = 2000) or want to poll a specific class on a tight schedule.

Tier behaviour: same masking rules as the other /webcast/leaderboard endpoints - SANDBOX through PRO see the top-3 unmasked (with userId/roomId nulled) and ranks 4 to 99 as placeholder rows; ULTRA / AGENCY GLOBAL / ADMIN see every rank fully.

Returns the per-region count of unique live creators (across the daily leaderboard + every league bracket) plus the global total and a second "verified" total that intersects the leaderboard with an active relay/gift WS signal (lower bound). Powers the tik.tools/ranking page header. Refreshed every 30s.

Tier behaviour: open to every tier. No per-creator identifiers are returned at all - the response is pure aggregate counts - so there is nothing to mask.

Real-time creator leaderboard for any country or TikTok Business Market region. Returns ranked entries with diamonds, live status, room IDs (for the alive ones), and 7-90 day rank history for paid tiers. Region slug examples: balkans, united-states-region, japan, latam, united-kingdom. Country slugs follow standard kebab-case names. Identifiers are masked to someone-<hash> for Sandbox viewers; PRO+ unmasks names, handles, and profile URLs.

Returns the full league overview for a region: every active class (2000 down to 100, with up to 18 brackets corresponding to TikTok's A1-D5 ladder) with rank windows, member counts, anchor pointers, and the next reset boundary. Identifiers are masked for Sandbox and Pro tiers; ULTRA+ unmasks names + handles + profile URLs. Combine with /api/leaderboards/league/:region/:classType for the per-class entry rows.

Valid region codes (28): BR, LATAM, US+, CA, AU+, JP, KR, TW, ID, MY, PH, CCA, TH, VN, DE+, ES+, HU+, PT+, FR+, BK, PL, UK+, IT+, SE+, NL, RO, MENA, TR. The "+" suffix is REQUIRED for multi-country buckets (eg Italy is "IT+", United Kingdom is "UK+"). Country codes are accepted as aliases - hitting /leagues/IT resolves to IT+, /leagues/GB resolves to UK+, /leagues/GR resolves to BK, etc.

available flag: available: false means our cache has not yet captured any league brackets for the resolved region in the current cycle. It does NOT mean TikTok has no league for that market - we re-probe per missing class every cycle and most regions hold 14-18 of 20 possible classes at any moment. If you see available: false on a region you expect to be active, check that the resolved region field in the response matches what you intended (eg passing IT returns region: "IT+" because IT+ is the canonical code).

All creator entries in a specific league class within a region. Useful for tracking who is winning the current cycle in Diamond/Platinum/Gold/Silver/Bronze. Same mask rule: ULTRA+ unmasks identifiers. ClassType values: 2000 (Diamond), 1000 (Platinum), 600 (Gold), 300 (Silver), 100 (Bronze).

Cross-creator gifter leaderboard - the actual whales spending diamonds across TikTok LIVE in a given region and time window. Global Agency exclusive for unmasked rows; Pro / Ultra / Sandbox all see stable someone-<hash> placeholders. Aggregate numbers (diamonds, ranks, creators gifted) remain visible for everyone so you can still build analytics without paying.

Top gifters for a single creator with per-period breakdowns + each gifter's share of the creator's total income. Useful for VIP outreach and roster prioritisation. Global Agency exclusive for unmasked rows; Pro / Ultra / Sandbox see the same masked placeholders. Pass the AES-GCM masked-handle token (?p=<token>) to resolve a masked URL without exposing the real handle.

Deep gifter profile - lifetime diamonds, list of creators they support, wallet-fatigue cohort, loyalty score, latest big gifts, and historical velocity. Global Agency exclusive for unmasked identifiers + profile URL; Pro / Ultra / Sandbox see placeholders with aggregate numbers intact.

Self-service ghost-WebSocket cleanup. Closes every WebSocket the server currently tracks for your own API key - and nothing else. No admin auth required, just your normal apiKey.

When you need this: - Your SDK crashed without a clean .close() (e.g. SIGKILL, hard reboot, container OOM), leaving TCP sockets open at the OS level. The WebSocket library auto-replies to control PING frames at the OS/library layer even when your app code is gone, so the server side can't tell the connection is logically dead. Result: your concurrent-WS count grows until you hit the tier cap and can't open new ones. - You're deploying a new build and want a clean slate before the new container starts subscribing. - You implemented your own their_count vs our_count drift detector (recommended) and want a button to call when the gap exceeds your tolerance.

What it does NOT do: - Does not touch any OTHER account's connections. - Does not change your tier or limits. - Does not affect future connections - your SDK can immediately reconnect.

Rate limit: 10 calls per hour per key. Polling this is pointless: every NEW WebSocket connect already triggers FIFO eviction of the oldest tracked socket for the same key, so steady-state ghost accumulation is already prevented server-side. Manual sweep is for after-crash hygiene, not a fix-the-drift loop.

Tier: Basic+ (Demo + Sandbox keys have wsLimit=1 so the endpoint is meaningless for them - 403).

Close code your SDK will see: 4502 (SWEEP_INITIATED) with reason text "ws-sweep: caller initiated ghost-WS cleanup". This is distinct from 4401 (INVALID_AUTH). If your SDK auto-treats 4401 as "fatal, stop retrying", a sweep will NOT trigger that path - 4502 is a clean, retryable close.

Find Eligible Creators to Recruit - the API behind the agency dashboard's recruiting page. Returns a paginated, score-ranked list of every creator currently tracked across the live league boards, so a scouting script can filter out low earners before reaching out.

Payload per creator: username, current_league (e.g. A1, B2), and current_snapshot_score - the real-time score TikTok is reporting for them on their league board at the moment of the query. Each row also carries its region code.

Live snapshot only. This route returns the current snapshot score. Historical data, 30-day timelines, and heavy aggregations stay in the web dashboard by design.

Pagination: results are ranked by current_snapshot_score descending. Page through with page (1-based) and limit (up to 100). The response includes total, total_pages, and returned.

Rate limit: 60 requests/hour per key on this route (it queries the heavy aggregation tables). At limit=100 that is up to ~6,000 profiles/hour. x-ratelimit-limit / x-ratelimit-remaining / x-ratelimit-reset headers and a rate_limit object are returned on every call; over the cap returns HTTP 429.

Access: Agency tier only.

Register a webhook that pushes events to your URL when one of your watched creators goes live. This is go-live push, not a forward of an already-connected session - we monitor your creators server-side, so nothing needs to be running on your end. Authenticate with your x-api-key (server-to-server) or while logged in to the dashboard.

Watched creators are set per webhook via the creators array (TikTok usernames, no @). Events are tier-gated: - live.start / live.end - all paid plans (Basic and up) - live.peak_viewers, live.gift.high_value - Ultra and Global - creator.follower_milestone, creator.eligible - Global

Per-plan limits (webhook endpoints / deliveries per day / creators per webhook): - Basic: 1 endpoint, 500 deliveries/day, up to 1000 creators - Pro: 3 endpoints, 5,000 deliveries/day, up to 1000 creators - Ultra: 5 endpoints, 50,000 deliveries/day, priority delivery - Global: unlimited endpoints, 500,000 deliveries/day, IP allowlist + priority delivery - Sandbox: test-only (1 disabled config, up to 5 creators, no live delivery)

Delivery is at-least-once with automatic retries; every attempt is recorded and can be replayed. Payloads are signed (X-Tiktool-Signature over the raw body, with X-Tiktool-Timestamp) so you can verify authenticity.

---

Endpoint requirements - Your URL must be publicly reachable. Both http and https are accepted (https recommended - but the HMAC signature protects every delivery either way, so a self-hosted http://IP:port receiver is fine). Private, internal, loopback and link-local hosts are rejected. - Respond 2xx fast. Return 200 the moment you receive the POST, then do your real work (recording, DB writes, downstream calls) asynchronously. If your handler blocks before responding, your listener stops accepting new connections and deliveries start failing. Connect timeout is 10s, read timeout 15s. - Keep the listener always-on. A refused connection (server busy or restarting) or a timeout both count as a failed delivery. Run multiple workers and raise your accept backlog so you never drop connections under load.

Detection & timing - We monitor your creators server-side and fire live.start within seconds of them going live - nothing needs to run on your end. - Detection is near-real-time but poll-based: a live that both starts and ends within a few seconds may not be observed. Lives of normal length are caught reliably.

Delivery & retries - At-least-once. Each event is attempted immediately, then retried on failure at 0s, 30s, 2m, 10m, 1h, 6h (6 attempts over ~6 hours). After the final attempt it is dead-lettered. - Dedupe on event_id - the same event can arrive more than once. - Every attempt is logged; dead-letters can be replayed from the dashboard or API once your endpoint is healthy.

Verifying signatures - Each delivery carries X-Tiktool-Signature (HMAC-SHA256 of the raw request body) and X-Tiktool-Timestamp. Recompute the HMAC with your webhook secret and compare. Also sent on every delivery: X-Tiktool-Event, X-Tiktool-Event-Id, X-Tiktool-Delivery-Id, X-Tiktool-Attempt, X-Tiktool-Webhook-Id.

Troubleshooting - receiving fewer events than expected - Test deliveries work but live events do not: detection is not the problem - look at your endpoint. A "pending" status or missing events almost always means deliveries are failing at your server. - Failures that return in ~200ms are a refused connection: your server was not accepting connections at that moment (busy or restarting). Keep the listener responsive - acknowledge with 200 first, process after. - Slow failures are timeouts: your handler took longer than the read timeout. Acknowledge first, work after. - GET /api/webhooks shows recent delivery health (last status, fail streak) per webhook. Stabilise your endpoint, then replay any dead-lettered deliveries.

List your registered webhooks with their event types, watched creators, active state, and recent delivery health. Same auth as register (x-api-key or dashboard session).

Fire a synthetic live.start at your target URL (signed with the real secret, flagged is_test:true) so you can validate your integration end-to-end before a real creator goes live. The delivery is logged like any other.