Logo
Supacrawler

Authentication

You'll need to authenticate your requests to access any of the endpoints in the Supacrawler API. We use API key authentication for all requests - it's simple, secure, and reliable.

API Key Authentication

All Supacrawler API requests require authentication using an API key passed in the Authorization header. Your API key is available in your Supacrawler dashboard.

Example request with API key

curl https://api.supacrawler.com/api/v1/scrape \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -G -d url="https://example.com"

Always keep your API key secure and never commit it to version control or share it publicly.

Getting Your API Key

  1. Sign up or log in to Supacrawler
  2. Navigate to your API Keys dashboard
  3. Create a new API key or copy your existing key
  4. Use the key in the Authorization header as shown above

API Key Security

Your API key grants access to your Supacrawler account and usage limits. Keep it secure!

Best Practices

  • Never commit API keys to version control - Use environment variables instead
  • Rotate keys regularly - Generate new keys periodically and revoke old ones
  • Use different keys for different environments - Separate keys for development, staging, and production
  • Monitor usage - Check your dashboard regularly for unexpected usage patterns

Environment Variables

Store your API key in environment variables:

Environment setup

# Add to your .env file
SUPACRAWLER_API_KEY=your_api_key_here

# Use in your application
curl https://api.supacrawler.com/api/v1/scrape \
  -H "Authorization: Bearer $SUPACRAWLER_API_KEY" \
  -G -d url="https://example.com"

Rate Limiting

API keys are subject to rate limits based on your plan:

  • Free tier: 100 requests per hour
  • Pro tier: 1,000 requests per hour
  • Enterprise: Custom limits

Rate limit information is included in response headers:

Rate limit headers

X-RateLimit-Limit: 1000
X-RateLimit-Remaining: 999
X-RateLimit-Reset: 1640995200

Error Responses

If your API key is invalid or missing, you'll receive a 401 Unauthorized response:

Authentication error

{
  "success": false,
  "error": "Invalid or missing API key",
  "code": "UNAUTHORIZED"
}

Using SDKs

If you use one of our official SDKs (coming soon), you won't have to worry about manually setting headers - just configure your API key once and the SDK handles the rest.

Check out our upcoming SDKs

Was this page helpful?