Authentication
All API requests to Serply require authentication using an API key.
API Key Authentication
An API key is a token that you provide when making API calls. Include the token in a header parameter called X-Api-Key.
Authenticated requests must include an X-Api-Key header containing your subscription's API Key.
Security Schema
| Type | Header Name | Example Token |
|---|---|---|
| API Key | X-Api-Key |
2505adfbfbmshd20dee55ce912f8p17bd |
Example Request
curl --header 'X-Api-Key: YOUR_API_KEY' \
'https://api.serply.io/v1/search?q=query' | jq
In the following example, X-Api-Key represents the auth token for your account.
Getting Your API Key
You can view and manage your API keys in the Dashboard.
Security Best Practices
Be sure to keep your API keys secure. Do not share them in publicly accessible areas such as GitHub, client-side code, and so forth.
- Never commit your API key to version control
- Use environment variables to store your API key
- Rotate your API key regularly
- Only make API requests over HTTPS
Also note that all API requests must be made over HTTPS. Calls made over plain HTTP will attempt to be automatically upgraded to HTTPS, though this use case is discouraged.
Rate Limits
API requests may be rate limited depending on your subscription plan and traffic patterns. The following response headers will be present in these cases:
| Header | Description |
|---|---|
x-ratelimit-requests-limit |
The maximum number of requests that the consumer is permitted to make |
x-ratelimit-requests-remaining |
The number of requests remaining in the current rate limit window |
When the rate limit is exceeded, an error is returned with the status "429 Too Many Requests". See the Errors guide for more details.