Secure API Access

Authentication

All API requests require authentication using an API key. Create a key in the dashboard, save the token when Scrappa reveals it once, then use it in Playground or your application.

API Key Authentication

Include your API key in the X-API-KEY header with every request.

curl -X GET "https://scrappa.co/api/search?query=coffee" \
  -H "X-API-KEY: YOUR_API_KEY"

Getting Your API Key

Create a free account at scrappa.co

Navigate to Dashboard

Go to your account dashboard

Create a Key

Open API Keys and create a new key

Save the Revealed Token

Copy and store the token before confirming it is saved

Open Playground

Use the saved token to run a test request in Playground

API tokens are shown once

After you confirm a token is saved, Scrappa hides it permanently. If you lose the saved token, create a replacement key and update your app before revoking the old one.

Get Your API Key Manage API Keys

Authentication Errors

If your API key is missing or invalid, you'll receive a 401 Unauthenticated response:

{
  "message": "Unauthenticated"
}

Security Best Practices

Never commit your API key to version control

Store API keys in environment variables or secure config files

Rotate your API keys regularly

Use different API keys for dev, staging, and production

Revoke compromised keys immediately and generate new ones

Keep Your API Key Secret

Never expose your API key in client-side code or public repositories. If you suspect your key has been compromised, revoke it immediately from your dashboard.