Authentication and API keys
All requests to the Scrapering API must be authenticated using an API key.
API Key
Find your API key in the dashboard under API Keys.
Pass the key in the Authorization request header.
Never expose your API key in client-side code or public repositories.
Key scoping and limiting
API keys can be scoped to URL Scraper, SERP Scraper, or both. You can also limit keys by number of allowed requests per day and per month.
Key rotation
You can generate a new API key at any time from the dashboard. Any key can be rotated: the old key is invalidated immediately.
Rate limits
When you exceed the rate limit, the API returns 429 Too Many Requests. Parse the following response headers to work with the rate limiting:
| Header | Example | Meaning |
|---|---|---|
| X-Ratelimit-Limit | 100 | The number of requests allowed per minute |
| X-Ratelimit-Remaining | 60 | The number of allowed requests remaining in the time window |
| X-Ratelimit-Reset | 2026-01-01T00:00:00.000Z | Rate limiting window reset time |
| Retry-After | 2026-01-01T00:00:00.000Z | Wait for this time until continuing |
Errors
All authentication errors return 401 Unauthorized
Next steps
- Pricing — understand how credits are charged per request
- URL Scraper — create your first URL scraping task
- Google SERP Scraper — create a Google SERP task