Introducing the String Web Access API
Today we're releasing the String Web Access API to make accessing web data as simple as possible for humans and agents. Proxy rotation, fingerprinting, and retries are handled automatically - and you only pay when content comes back.
Most of the useful web is closed for serious data analysis. Anti-bot systems stop automated requests - including your agent.
To measure how well we get through, we built and open-sourced the Web Data Frontier Benchmark: 53 heavily protected targets, 265 requests per site. We ran String head to head against every related API on the market. String passed 97% of the requests. We'll let you judge the competition.
| Provider | Success rate | Avg latency | Requests |
|---|---|---|---|
| string | 97.4% | 11.00s | 258/265 |
| bright | 79.2% | 24.14s | 210/265 |
| zenrows | 76.2% | 23.47s | 202/265 |
| context_dev | 75.5% | 13.69s | 200/265 |
| scraperapi | 73.2% | 17.85s | 194/265 |
| firecrawl | 72.1% | 12.82s | 191/265 |
| decodo | 69.4% | 32.97s | 184/265 |
| oxylabs | 69.1% | 20.89s | 183/265 |
| zyte | 67.5% | 18.22s | 179/265 |
| nimble | 58.5% | 31.18s | 155/265 |
| browserbase | 50.6% | 2.03s | 134/265 |
| scrapingdog | 47.9% | 10.17s | 127/265 |
| scrapingbee | 35.1% | 5.83s | 93/265 |
| scrapingant | 32.8% | 6.86s | 87/265 |
What you can build
We built this because access is the most important web data problem still unsolved. The pages worth reading are the ones that fight back, and the market solutions here fall short. Now your AI can read the web, live and at scale. These aren't hypotheticals - we gave Fable 5 each of the tasks below using its built-in web fetch on July 7th. None of the five could be completed without the Web Access API.
You're building a shopping assistant, and a user asks which store has the Nintendo Switch 2 cheapest today. Fetch the three big retailers: Walmart demands you hold a button to prove you're human, Best Buy never answers at all, and only Target lets you in. With String: $449.99 at Target, $449.99 at Best Buy with pickup in an hour, refurbished at Walmart for $437.99. Your assistant answers with the whole market, not whichever store let you in.
You're a retail trader evaluating Cava. A plain fetch of its store-locator map comes back an empty JavaScript shell. One String call renders it and pulls all 485 locations as structured data, seven flagged “Coming Soon.” You collect a weekly store-opening pace as your signal, a month before it shows up in a 10-Q.
You're a pricing manager at an electronics retailer. Best Buy's sale prices load client-side, and an automated sweep would get you blocked - but not through String. Tonight's sweep catches the 65-inch LG C4 at $1,339.99, marked down $1,300. Your stores match before the first customer walks in.
You're an SDR selling data tooling, watching 400 accounts. Fetch Ramp's job board and you're told: “Enable JavaScript.” Through String: 124 open roles, six naming dbt or Snowflake. A bought list would surface this, but far too late. You call that afternoon, while the stack is being chosen.
You're taking a SaaS product to market against an incumbent. Reddit 403s large datacenter traffic on sight. Sweep it through String: in r/devops, “Datadog overcharging customers” sits at 373 upvotes and 116 comments. You launch with pricing and transparency messaging that meets the moment.
Why now?
Ask a model today's price, yesterday's headline, or job postings this week, and it can only work from a snapshot that's at least months old. The only way to answer accurately is to read the live web.
Because models search the web more, the majority of web traffic now comes from AI. This gap will only grow over time.
As automated traffic grows, sites pour more money into anti-bot, so the walls are reinforced every quarter. Clearing those walls is a full-time job for a dedicated team.
We are the web access layer for agents: reliable, able to clear anti-bot layers that only get harder, and callable within minutes. The market is crowded with extraction services. They each have their own docs, and many require you to configure multiple knobs per site. They tout “100%” success rates through benchmark manipulation, then return blocks, high latency, and manual work for every target, with no guarantee the data comes back. We built String to be the only web access API you need. Point it at a site, even a heavily defended one, and get the data. Nothing to configure, no wondering whether it works.
How did we do it?
At String, we've developed a novel unblocking methodology designed to circumvent blocks and challenges at internet scale. Anti-bot providers constantly change their detection and fingerprinting techniques; we stay ahead by making our request stack look indistinguishable from legitimate user traffic.
Web browsers expose a huge amount of telemetry that can be used to detect automation - information about the user's hardware, OS, language preferences, mouse movements, extensions, and more. All of it can be cross-correlated with network-level details like IP reputation, request headers, and TLS fingerprinting. Tied together, these signals tell a story about a request. Compared in aggregate, a single misconfiguration can expose automation and result in a block.
Making the entire request stack appear legitimate is not trivial. You can see this when you look at other extraction APIs. They might disguise some signals - routing through residential proxies, forging TLS fingerprints, aligning HTTP headers to real browser versions - but they fail to account for every fingerprinting vector that exposes a request or browser environment as automated. They get blocked.
In this game, perfection matters. Being perfect requires significant, repeated effort in understanding every method of blocking. Our team has spent their entire careers in web data - reverse-engineering anti-bots, deobfuscating JavaScript, testing proxies, and more. We wished we had this product when we started. So we built it.
How do you use it?
The String Web Access API is designed to be extremely simple to use - just supply a target URL and we handle the rest.
curl https://request.usestring.ai/v1/fetch \
-H "Authorization: Bearer sk_live_…" \
-H "Content-Type: application/json" \
-d '{ "url": "https://hard-target.com", "format": "markdown" }'The standard /fetch endpoint extends to support even the most complex extraction scenarios:
- Dynamic JSON schema extraction
- Browser actions support
- Screenshot support
- Markdown parsing
- JavaScript rendering
The /search endpoint provides real-time Google search data for a supplied query.
Need even more customization? Connect to the String cloud browser over any CDP client at /wss. The cloud browser natively handles humanizing inputs, and stealth is baked in at the C++ layer via a custom Chromium fork.
For /fetch to find the right URLs, we built a /map endpoint - usable in isolation too. Point it at a starting URL and String crawls the whole site to return the discovered URLs.
Get started
Get 500 free premium requests to hit the ground running once you sign up.
You can also integrate String into any MCP-compatible client using the official String MCP client:
npm i @usestring/mcpOr connect Claude, Codex, and others through the remote hosted MCP:
Cheers,
String team