Haulock API
Verify any freight broker or motor carrier programmatically. Same checks as the web app — FMCSA authority, insurance, crash history, company website, domain WHOIS, social profiles, Google Business address match — returned as a single scored JSON payload.
Overview
The API is a thin HTTP layer over the same verification pipeline the Haulock dashboard uses. All endpoints return JSON. The base URL is your Haulock domain plus /api/v1.
https://haulock.com/api/v1Authentication
Every request must include a Bearer token in the Authorization header. Generate keys in Settings → API keys.
Authorization: Bearer hlk_abc123…
Rate limits & quotas
API usage counts against the same monthly quota as in-app lookups. All of your API keys share one allowance, and team members pool together.
| Plan | Monthly lookups | API access |
|---|---|---|
| Free | 5 | Yes |
| Carrier | 250 | Yes |
| Fleet | Unlimited | Yes |
Cache hits are free. Querying the same MC or DOT returns the last saved record without consuming quota. Pass force=1 to bypass the cache.
/v1/verify
Verify a broker or carrier by MC number, DOT number, or company name.
Query parameters
| Name | Required | Description |
|---|---|---|
q | yes | MC number (e.g. MC-123456 or 123456), DOT number (DOT-9876543), or company name. |
force | no | Set to 1 to bypass the cache and charge a fresh lookup against your quota. |
Example request
curl -H "Authorization: Bearer $HAULOCK_API_KEY" \ "https://haulock.com/api/v1/verify?q=MC-123456"
Response schema
Successful responses return 200 OK with the carrier's scored report.
{
"name": "Sample Brokerage LLC",
"mc": "123456",
"dot": "9876543",
"address": "123 Main St, Dallas, TX 75201",
"phone": "(555) 555-0000",
"emailDomain": "samplebrokerage.com",
"authorityStatus": "Active",
"commonAuthority": "Active",
"brokerAuthority": null,
"authorityAge": "8 years",
"safetyRating": "Satisfactory",
"outOfService": false,
"bipdOnFile": 1000,
"cargoOnFile": 250,
"insuranceSummary": "$1,000,000 liability · $250,000 cargo",
"drivers": 24,
"powerUnits": 18,
"crashTotal": 1,
"addressCheck": {
"configured": true,
"found": true,
"matchedName": "Sample Brokerage LLC",
"matchedAddress": "123 Main St, Dallas, TX 75201",
"isMailbox": false,
"isResidence": false
},
"webPresence": {
"configured": true,
"found": true,
"domain": "samplebrokerage.com",
"url": "https://samplebrokerage.com",
"nameMatch": true,
"domainAgeDays": 4210,
"hasMx": true,
"hasSpf": true,
"socials": [
{ "platform": "linkedin", "url": "https://linkedin.com/company/sample" }
]
},
"source": "fmcsa",
"fetchedAt": "2026-04-23T21:05:00.000Z",
"score": 12,
"verdict": "low",
"flags": [],
"cached": false
}Score is 0–100 (lower = safer). Verdict is one of low, medium, high. flags is an array of risk signals with sev, title, desc, and pts.
Errors
| Status | Code | Meaning |
|---|---|---|
| 400 | — | Missing or empty q. |
| 401 | — | Missing, invalid, or revoked API key. |
| 402 | limit_reached | Monthly plan quota exhausted. Response includes plan, limit, and used. |
| 500 | — | Upstream error (FMCSA, Google, etc.). Retry after a short backoff. |
Examples
JavaScript (fetch)
const res = await fetch(
'https://haulock.com/api/v1/verify?q=MC-123456',
{ headers: { Authorization: `Bearer ${process.env.HAULOCK_API_KEY}` } }
);
if (!res.ok) throw new Error(`Haulock ${res.status}`);
const report = await res.json();
console.log(report.score, report.verdict, report.flags);Node.js (axios)
import axios from 'axios';
const haulock = axios.create({
baseURL: 'https://haulock.com/api/v1',
headers: { Authorization: `Bearer ${process.env.HAULOCK_API_KEY}` },
});
const { data } = await haulock.get('/verify', { params: { q: 'MC-123456' } });Python (requests)
import os, requests
r = requests.get(
'https://haulock.com/api/v1/verify',
headers={'Authorization': f"Bearer {os.environ['HAULOCK_API_KEY']}"},
params={'q': 'MC-123456'},
timeout=30,
)
r.raise_for_status()
report = r.json()
print(report['score'], report['verdict'])