CheckRedirects · URL inspection API

CheckRedirects

CheckRedirects resolves URLs, follows HTTP redirect chains, and returns the final destination, status, hops, headers, timing, TLS details, and errors as a structured API response. Built for developers and data engineers cleaning CRM records, auditing link rot, validating migrations, or checking whether a URL behaves differently by user agent.

Get an API key Read the docs

Why we built it

We do a lot of deduplication and record merging on Attio projects. Matching people and companies across messy datasets means resolving redirected URLs at scale, and we wanted something we could call programmatically from our own pipelines, agents, and client integrations. We built CheckRedirects to be the shape we kept reaching for: API-first, easy to provision a key for, and cheap to run at scale.

CheckRedirects ships with the opposite priorities: API-first, programmatic by default, keys issued from a dashboard or a single endpoint call, and an MCP server on top so agents can call it without extra glue. The web app and the MCP server are clients of the same API surface, not separate feature tracks.

It runs in our own pipelines for client work, and it's available for anyone else who wants redirect checks at scale without fighting their tooling to get there.

Capabilities

Six surfaces, one per common task. All accept the same Bearer auth header (Authorization: Bearer httpnd_…) and return JSON.

Single URL inspection

POST /v1/inspect follows 301 / 302 / 303 / 307 / 308 chains and returns the final URL, final status, hops, headers, timing, TLS, and error fields in one structured response. Per-hop data covers status code, method, URL, location header, response time, and TLS details when the hop is HTTPS.

Batch + webhooks

POST /v1/batch accepts a urls array or an items array carrying per-URL data metadata that comes back attached to each result. The schema hard cap is 500 URLs; plan tiers cap at 25 / 200 / 500. On paid plans, batch jobs accept an HTTPS webhook_url; when the job completes, CheckRedirects POSTs a signed JSON payload (X-Signature header) with the job id, status, and URL counts so a consumer can pull the full result set when it's ready.

User-agent comparison

POST /v1/compare-agents tests one URL across up to 10 user agents (or a preset pack) and groups the results by final URL and final status. Useful for surfacing UA-specific redirect behavior like affiliate networks, paywalls, bot-detection redirects, and mobile-only short links.

TLS + HTTPS posture

HTTPS hops include TLS version, cipher, certificate subject, issuer, validity dates, SANs, and chain validity. The outbound transport enforces TLS 1.2 minimum, and webhook callback URLs must be HTTPS.

MCP server

A Model Context Protocol server exposes the same capabilities to MCP-capable agents: check_url, inspect_url, compare_agents, batch_check_and_wait, batch_results, monitor management tools, and Google Sheets export. Drop it into your agent's MCP config and call the tools directly without writing a custom HTTP client.

Code examples

Real endpoints, real auth, copy-pasteable. Replace httpnd_your_key_here with an actual API key from the dashboard.

curl -sS https://api.checkredirects.io/v1/batch \
  -H "Authorization: Bearer httpnd_your_key_here" \
  -H "Content-Type: application/json" \
  -d '{
    "items": [
      {
        "url": "https://example.com",
        "data": { "record_id": "crm_123" }
      },
      {
        "url": "https://neondeerdata.com",
        "data": { "record_id": "crm_456" }
      }
    ],
    "method": "HEAD",
    "follow_redirects": true,
    "max_redirects": 10
  }'

const response = await fetch("https://api.checkredirects.io/v1/inspect", {
  method: "POST",
  headers: {
    Authorization: "Bearer httpnd_your_key_here",
    "Content-Type": "application/json"
  },
  body: JSON.stringify({
    url: "https://example.com",
    method: "HEAD",
    follow_redirects: true,
    max_redirects: 10,
    https_only: true
  })
});

if (!response.ok) {
  throw new Error(await response.text());
}

const result = await response.json();
console.log({
  finalUrl: result.final_url,
  finalStatus: result.final_status,
  hops: result.total_hops,
  chain: result.redirect_chain
});

{
  "jsonrpc": "2.0",
  "id": 1,
  "method": "tools/call",
  "params": {
    "name": "batch_check_and_wait",
    "arguments": {
      "urls": [
        "https://example.com",
        "https://neondeerdata.com"
      ],
      "method": "HEAD",
      "https_only": true
    }
  }
}

Frequently asked questions

Is there a free tier?

Yes. Free includes 250 checks per month, 25 URLs per batch, and 10 API requests per second. No credit card required.

How do I get an API key?

Sign up at checkredirects.io, create a key from the dashboard, and copy it (the full key is shown once on creation). Keys have an httpnd_ prefix. Programmatic creation is also available via POST /v1/api-keys.

Can I use it from an MCP client?

Yes. The MCP server exposes tools for single URL inspection, batch jobs with wait + result lookup, user-agent comparison, monitor management, and Google Sheets export. Drop it into your MCP-capable agent and call the tools directly.

What's the batch limit?

The schema hard cap is 500 URLs per batch. Plan tiers cap at 25 (Free), 200 (Pro), and 500 (Business). Larger jobs need to be split across multiple batch calls.

Does it follow every kind of redirect?

HTTP redirects (301, 302, 303, 307, 308) are followed by default and returned in the chain. Meta-refresh and JavaScript redirects are not currently part of the inspection contract.

What's the rate limit?

Per-org per-second limits scale with plan: 10/sec Free, 25/sec Pro, 50/sec Business. Monthly check quotas are separate from per-second rate limits.

How does the webhook callback work?

Batch jobs accept an HTTPS webhook_url on paid plans. When the job completes, CheckRedirects POSTs a signed JSON payload with the job id, status, and URL counts. The signature is sent in the X-Signature header so you can verify the request came from CheckRedirects.