Skip to content
/
Prospecting - Search & En...

Lusha API Documentation

Lusha provides a RESTful API that allows you to query a comprehensive dataset of business profiles and company information. It is designed for teams building prospecting, enrichment, automation, and analytics workflows that require accurate, continuously updated business data. The API supports both real-time and bulk use cases and is suitable for production environments. Use the Lusha API to search for new prospects, enrich existing records, react to real-world changes, and expand coverage using lookalike recommendations.

All API requests should be made over HTTPS (SSL), and the response bodies are delivered in JSON format.

Person

https://api.lusha.com/v2/person
▶ Common Use Cases
  • • Form enrichment
  • • CRM completion
  • • Outbound personalization

Company

https://api.lusha.com/v2/company
▶ Common Use Cases
  • • Account enrichment
  • • Routing, scoring, territory logic
  • • Market analysis & segmentation

Signals

https://api.lusha.com/v2/signals
▶ Common Use Cases
  • • Job change tracking
  • • Company updates signals
  • • News event alerts

Lookalikes

https://api.lusha.com/v2/recommendations
▶ Common Use Cases
  • • Market expansion
  • • Similar account discovery
  • • Prospect recommendations
Webhooks APINEW

Subscribe to real-time notifications when contacts change jobs or companies experience key business events.

View Documentation →

Data Source and Privacy

Please note that Lusha is a search platform, meaning the data provided is not created or directly managed by us. Instead, it is retrieved from publicly available sources and through contributions from trusted business partners.

For more information on how we collect, use, and handle business profiles, please refer to our Privacy Policy.

Authentication

API keys are required for all API and MCP requests and are tied to your Lusha account and plan. To access the Lusha API, you must authenticate your requests using your API key. This key is unique to your account and is used to identify your usage of the API. How to Authenticate:

When making an API call, include your API key in the api_key header of the request.

You can generate and retrieve your API key here. API keys should be stored securely and used only in server-side environments.

Rate Limiting

Lusha API enforces rate limiting to ensure fair usage and protect against excessive load.

  • General Rate Limit: You can make up to 25 requests per second to each API endpoint
  • Credit Usage API: Has a specific rate limit of 5 requests per minute

Note: Rate limits may vary based on your account type and subscription plan. If you're encountering rate limit issues frequently, please consult with your account manager or Lusha support team to discuss your specific needs.

Rate Limit Headers

To monitor your current rate limit status, check the HTTP response headers in your API calls:

HeaderDescription
x-rate-limit-dailyThe total number of requests allowed per day under your current plan
x-daily-requests-leftThe number of requests remaining in your daily quota
x-daily-usageThe number of requests you have made in the current daily period
x-rate-limit-hourlyThe total number of requests allowed per hour under your current plan
x-hourly-requests-leftThe number of requests remaining in your hourly quota
x-hourly-usageThe number of requests you have made in the current hourly period
x-rate-limit-minuteThe total number of requests allowed per minute under your current plan
x-minute-requests-leftThe number of requests remaining in your current minute window
x-minute-usageThe number of requests you have made in the current minute window

Notes on API Rate Limiting

  • If you exceed the rate limit, the API will return a 429 (Too Many Requests) error.
  • To ensure a smooth experience, respect the rate limits defined by your subscription tier.
  • Daily limits vary based on your billing plan — higher tiers have higher quotas.
  • You can programmatically track your usage through these response headers:
    • X-RateLimit-Remaining-Daily
    • X-RateLimit-Reset-Daily
  • It is strongly recommended to implement logic that:
    • Monitors these headers
    • Pauses or retries requests accordingly
    • Helps avoid hitting the limit and ensures reliable operation

Error Codes

Lusha API uses standard HTTP response codes to indicate the status of your request. These codes help you understand whether the request was successful or if there was an issue.

Status CodeNameDescription
200OKSuccessful request
400Bad RequestBadly formatted request
401UnauthorizedThe API key is invalid
402Payment RequiredYour account requires payment
403ForbiddenYour account is not active. Please reach out to support at support@lusha.com for assistance
403ForbiddenYour pricing version does not support requesting individual datapoints [revealEmails, revealPhones]
404Not FoundThe requested endpoint was not found
412Precondition FailedThe request failed due to invalid syntax that was provided. Please make sure to send a full name field that contains a valid first & last name
429Too Many RequestsYou've reached your trial limit, please contact support for upgrade
429Too Many RequestsDaily API quota limit exceeded. Limit X calls per day
429Too Many RequestsHourly API rate limit exceeded. Limit: X calls per hour. Reset in X seconds
451Unavailable For Legal ReasonsWe are unable to process this contact request due to our GDPR regulations
499Client Closed RequestRequest failed due to request timeout
5XXServer ErrorThere's a problem on Lusha's end

Error Response Format

In case of an error, the response body will contain details about the error:

{
  "error": {
    "code": 400,
    "message": "Invalid request parameters"
  }
}

Handling errors

  • Always ensure your API key is correct and valid

  • Pay attention to the specific error message and code to troubleshoot issues efficiently

  • Implement proper error handling and retry logic in your application

  • For 5XX errors, implement exponential backoff before retrying

Download OpenAPI description
openapi.json
openapi.yaml
Overview
URL
https://api.lusha.com
Lusha Support
support@lusha.com
License
Proprietary
Terms of Service
Languages
Servers
Mock server
https://docs.lusha.com/_mock/apis/openapi
Production server
https://api.lusha.com

Enrichment

What is enrichment?:

Enrichment is the process of adding missing or updated data to existing contact or company records.

Use enrichment to:

  • Complete CRM records
  • Improve outbound accuracy and deliverability
  • Keep records current as people and companies change

Enrichment can be performed in real time or in bulk, depending on the endpoint and use case.

Available enrichment APIs

Person enrichment:

Company enrichment:

Operations

Prospecting - Search & Enrich

With Lusha's Prospecting API, you can query Lusha's extensive database based on specific criteria (such as job title, seniority, location, and more) to retrieve detailed contact and company information.

The Prospecting API is designed to help you generate new records (contacts or companies) for your CRM system, using filters that align with your Ideal Customer Profile (ICP).

This process involves three main steps:

StepAPIDescription
1Filters APIApply filters to refine your search (Check available filters under Contact and Company Filters)
2Search APIQuery Contacts or Companies using the available filters
3Enrich APIGet full details of Contacts and Companies from the search results
Operations

Search Contacts

Request

Search for contacts using various filters. This is step 2 of the prospecting process.

Endpoint: (POST) https://api.lusha.com/prospecting/contact/search

Signal Filtering (Premium Feature)

Filter contacts by signal types to find prospects at key career moments.

Note: This is a premium feature. Credits are charged for each signal type that returns results.

Security
ApiKeyAuth
Bodyapplication/jsonrequired
includePartialContactboolean

When set to true, includes contacts with partial information in the search results. Partial contacts may have incomplete data but can still be valuable prospects.

Default true
Example: false
pagesobject(PaginationParams)
filtersobjectrequired
filters.​contactsobject(ContactFilters)
filters.​companiesobject(CompanyFilters)
curl -i -X POST \
  https://docs.lusha.com/_mock/apis/openapi/prospecting/contact/search \
  -H 'Content-Type: application/json' \
  -H 'api_key: YOUR_API_KEY_HERE' \
  -d '{
    "pages": {
      "page": 0,
      "size": 20
    },
    "filters": {
      "contacts": {
        "include": {
          "departments": [
            "Engineering & Technical",
            "Marketing"
          ],
          "seniority": [
            "4",
            "5"
          ],
          "existing_data_points": [
            "phone",
            "work_email",
            "mobile_phone"
          ],
          "locations": [
            {
              "continent": "North America",
              "country": "United States",
              "city": "New York",
              "state": "New York",
              "country_grouping": "na"
            }
          ],
          "signals": {
            "names": [
              "allSignals",
              "promotion",
              "companyChange"
            ],
            "startDate": "2025-11-01"
          }
        },
        "exclude": {
          "departments": [
            "Human Resources"
          ]
        }
      },
      "companies": {
        "include": {
          "names": [
            "Apple",
            "Microsoft"
          ],
          "locations": [
            {
              "country": "United States"
            }
          ],
          "technologies": [
            "Salesforce",
            "Amazon Web Services"
          ],
          "mainIndustriesIds": [
            4,
            5
          ],
          "subIndustriesIds": [
            101
          ],
          "intentTopics": [
            "Digital Sales"
          ],
          "sizes": [
            {
              "min": 100,
              "max": 1000
            }
          ],
          "revenues": [
            {
              "min": 10000000,
              "max": 100000000
            }
          ],
          "sicCodes": [
            "1011",
            "1021"
          ],
          "naicsCodes": [
            "11",
            "21"
          ]
        },
        "exclude": {}
      }
    }
  }'

Responses

Search results with contact IDs

Bodyapplication/json
requestIdstring

The unique request ID used for subsequent enrichment requests

currentPagenumber

The current page of the search results

pageLengthnumber

The number of results on the page

totalResultsnumber

The total number of search results

contactsArray of objects(ContactSearchData)
Response
application/json
{
  "requestId": "string",
  "currentPage": 0,
  "pageLength": 0,
  "totalResults": 0,
  "contacts": [
    {}
  ]
}

Enrich Contacts

Request

Enrich contacts from search results. This is step 3 of the prospecting process.

Endpoint: (POST) https://api.lusha.com/prospecting/contact/enrich

⚠️ Important Notice - Unified Credits Plan Required

ParameterRequirement
revealEmails and revealPhonesOnly available to customers on the Unified Credits pricing plan
Plan RestrictionAttempting to use these parameters on other plans will result in a 403 Unauthorized error
Default BehaviorWhen neither parameter is used, the API returns both email addresses and phone numbers, if available
Security
ApiKeyAuth
Bodyapplication/jsonrequired
requestIdstringrequired

The requestId generated in the Prospecting Search response (UUID)

Example: "b6effae6-35b8-493d-91aa-7d3b1b7c7dc7"
contactIdsArray of stringsrequired

An array containing the contact IDs for enrichment. Min 1, max 100.

Example: ["37b4c536-eaec-11ef-ad4b-a75f8e9e1484"]
revealEmailsboolean

Set revealEmails=true to retrieve only the email address of the contact. Only available to customers on the Unified Credits pricing plan.

Example: false
revealPhonesboolean

Set revealPhones=true to retrieve only the phone number of the contact. Only available to customers on the Unified Credits pricing plan.

Example: true
curl -i -X POST \
  https://docs.lusha.com/_mock/apis/openapi/prospecting/contact/enrich \
  -H 'Content-Type: application/json' \
  -H 'api_key: YOUR_API_KEY_HERE' \
  -d '{
    "requestId": "b6effae6-35b8-493d-91aa-7d3b1b7c7dc7",
    "contactIds": [
      "37b4c536-eaec-11ef-ad4b-a75f8e9e1484"
    ]
  }'

Responses

Enriched contact data

Bodyapplication/json
requestIdstring

The requestId that was used in the request

contactsArray of objects
Response
application/json
{
  "requestId": "string",
  "contacts": [
    {}
  ]
}

Search Companies

Request

Search for companies using various filters. This is step 2 of the prospecting process.

Endpoint: (POST) https://api.lusha.com/prospecting/company/search

Signal Filtering (Premium Feature)

Filter companies by signal types to identify those with recent business events and changes.

Note: This is a premium feature. Credits are charged for each signal type that returns results.

Security
ApiKeyAuth
Bodyapplication/jsonrequired
pagesobject(PaginationParams)
filtersobjectrequired
filters.​companiesobject(CompanyFilters)
curl -i -X POST \
  https://docs.lusha.com/_mock/apis/openapi/prospecting/company/search \
  -H 'Content-Type: application/json' \
  -H 'api_key: YOUR_API_KEY_HERE' \
  -d '{
    "pages": {
      "page": 0,
      "size": 20
    },
    "filters": {
      "companies": {
        "include": {
          "names": [
            "Apple"
          ],
          "domains": [
            "lusha.com"
          ],
          "locations": [
            {
              "country": "United States"
            }
          ],
          "technologies": [
            "Amazon"
          ],
          "intentTopics": [
            "Digital Sales"
          ],
          "sizes": [
            {
              "min": 1,
              "max": 10
            }
          ],
          "revenues": [
            {
              "min": 1,
              "max": 1000000
            }
          ],
          "sicCodes": [
            "1011",
            "1021"
          ],
          "naicsCodes": [
            "11",
            "21"
          ],
          "mainIndustriesIds": [
            4,
            5
          ],
          "subIndustriesIds": [
            101
          ],
          "searchText": "Finance Marketing in Germany DE",
          "excludePartialCompanies": false,
          "signal": {
            "names": [
              "newsEvent"
            ],
            "startDate": "2025-11-01"
          }
        },
        "exclude": {}
      }
    }
  }'

Responses

Search results with company IDs

Bodyapplication/json
requestIdstring

The requestId that should be used in Prospecting Enrich request API params

currentPagenumber

Current page of search results

pageLengthnumber

Page length

totalResultsnumber

Total search results

companiesArray of objects(CompanySearchData)
Response
application/json
{
  "requestId": "string",
  "currentPage": 0,
  "pageLength": 0,
  "totalResults": 0,
  "companies": [
    {}
  ]
}

Enrich Companies

Request

Enrich companies from search results. This is step 3 of the prospecting process.

Endpoint: (POST) https://api.lusha.com/prospecting/company/enrich

Security
ApiKeyAuth
Bodyapplication/jsonrequired
requestIdstringrequired

The requestId from the Prospecting Search response

Example: "5ad275c8-7dd4-462a-bd45-6bc1970da64e"
companiesIdsArray of stringsrequired

An array of company IDs for enrichment. Min 1, max 100.

Example: ["1586"]
curl -i -X POST \
  https://docs.lusha.com/_mock/apis/openapi/prospecting/company/enrich \
  -H 'Content-Type: application/json' \
  -H 'api_key: YOUR_API_KEY_HERE' \
  -d '{
    "requestId": "5ad275c8-7dd4-462a-bd45-6bc1970da64e",
    "companiesIds": [
      "1586"
    ]
  }'

Responses

Enriched company data

Bodyapplication/json
requestIdstring

The requestId used in the request

companiesArray of objects(CompanyEnrichData)
Response
application/json
{
  "requestId": "string",
  "companies": [
    {}
  ]
}

Contact Filters

Available filters for contact searches

Operations

Company Filters

Available filters for company searches

Operations

Signals

With Lusha’s Signals API, you can enrich your contacts and companies with timely insights that highlight key account and prospect changes. Signals help you identify moments of opportunity - from job moves and promotions to company growth and new initiatives - so you can engage prospects and customers at exactly the right time. Easily integrate signal data into enrichment flows, CRM systems, or automation workflows to keep pipelines and customer records always up to date.

Operations

Lookalikes

Lusha's Lookalikes API helps you discover similar contacts and companies based on your existing data. Get AI-powered suggestions for new prospects that match your ideal customer profile.

Contact Lookalikes - Find similar contacts based on role, seniority, and industry patterns.

Company Lookalikes- Discover companies with similar firmographics and characteristics.

Operations

Webhooks

Subscribe to real-time notifications when contacts change jobs or companies experience key business events.

Webhooks deliver HTTP POST requests to your endpoints when signals occur - from promotions and job changes to company growth.

For a full list of available signals, refer to Signal Options.

Key Features:

  • Real-time contact & company signal notifications
  • Bulk subscription management (up to 25 items per request)
  • Secure delivery with HMAC-SHA256 signatures
  • Automatic URL verification during setup
  • Delivery monitoring with audit logs

Available Endpoints:

MethodEndpointPurpose
POST/api/subscriptionsCreate subscriptions (bulk supported)
GET/api/subscriptionsList all subscriptions
GET/api/subscriptions/{id}Get subscription by ID
PATCH/api/subscriptions/{id}Update subscription
POST/api/subscriptions/deleteDelete subscriptions (bulk supported)
POST/api/subscriptions/{id}/testTest subscription delivery
GET/api/audit-logsGet webhook delivery logs
GET/api/audit-logs/statsGet delivery statistics
GET/api/account/secretGet account webhook secret
POST/api/account/secret/regenerateRegenerate account secret

Webhook Verification: When creating subscriptions, Lusha sends a GET request with a challenge parameter. Your endpoint must return {"challenge": "value"} with HTTP 200.

Rate Limits
OperationLimit
API Requests100 requests/minute per account
Create Subscriptions25 items per request
Delete Subscriptions25 items per request
Security & Verification

HTTPS Requirement:

  • Production webhook URLs must use HTTPS
  • HTTP URLs are not accepted

Webhook Verification:

When creating or updating a subscription, Lusha verifies your webhook URL by sending a GET request with a challenge query parameter.

Verification Request:

GET https://your-webhook-url.com?challenge=abc123xyz

Expected Response (200 OK):

{
  "challenge": "abc123xyz"
}

Requirements:

  • Return HTTP 200 status
  • Return Content-Type: application/json
  • Echo back the exact challenge value

Signature Verification:

All webhook deliveries include an X-Lusha-Signature header containing an HMAC-SHA256 signature. Verify this signature to ensure the request is from Lusha:

  1. Extract the X-Lusha-Signature and X-Lusha-Timestamp headers
  2. Concatenate: timestamp + "." + JSON.stringify(payload)
  3. Compute HMAC-SHA256 using your webhook secret
  4. Compare the computed signature with the received signature

Example (Node.js):

const crypto = require('crypto');

function verifySignature(payload, signature, timestamp, secret) {
  const signedPayload = `${timestamp}.${JSON.stringify(payload)}`;
  const expectedSignature = crypto
    .createHmac('sha256', secret)
    .update(signedPayload)
    .digest('hex');
  
  return crypto.timingSafeEqual(
    Buffer.from(signature),
    Buffer.from(expectedSignature)
  );
}

Security Best Practice: Always verify webhook signatures to prevent spoofed requests.

Credits & Billing

Credit Charges:

  • Credits are charged when signals are detected and delivered to your webhook
  • The creditsCharged field in the webhook payload indicates how many credits were used
  • Credits are deducted from your account balance per signal type

No Duplicate Charges:

  • Each signal is delivered once and charged once
  • Webhook delivery retries do not incur additional charges
Error Response Format

All error responses follow this format:

{
  "statusCode": 400,
  "message": "Validation failed",
  "errors": ["entityType must be one of: contact, company"]
}
FieldTypeDescription
statusCodenumberHTTP status code
messagestringError message
errorsstring[]Detailed error messages (optional)
Operations

Account Management

Manage your account and monitor usage.

Use this endpoint to:

  • Monitor credit usage
  • Understand consumption patterns
  • Align API usage with plan limits
  • Support governance and production operations

Account-level insights are especially important for teams running Lusha at scale or across multiple systems.

Operations
Terms
Copyright © Lusha. All rights reserved.