WATI API uses OAuth2 as an authorization layer. As such, every API request must contain an Authorize HTTP header with a token. Access tokens are app and user-specific.
Please do not share the token with anyone, nor post it publicly.
curl --request GET \
--url https://app-server.wati.io/api/v1/getContacts \
--header 'Authorization: Bearer $TOKEN'
$TOKEN is your instance token, which can be found under API docs in the WATI UI.