Platform API Authentication
Generate an API key, authenticate requests, understand rate limits by plan, and handle errors correctly.
Generate an API key
~2 minFrom Dashboard → Settings → API Keys, click "Generate Key." Give it a descriptive label (e.g. "Production backend") and choose a scope if prompted. The key is shown once — copy it immediately and store it somewhere secure.
- Production keys are prefixed mk_live_; sandbox/testing keys are prefixed mk_test_
- Create separate keys per environment or integration so you can revoke one without affecting others
Authenticate your requests
~3 minPass your API key as a Bearer token in the Authorization header on every request: Authorization: Bearer mk_live_xxxxxxxxxxxx. All endpoints require HTTPS and return JSON.
- Never expose a live API key in client-side/browser code — always call the API from a server you control
- Rotate a key immediately from the dashboard if you suspect it has leaked
Understand rate limits
~2 minRate limits scale with your plan — from 100 requests/day on Free up to unlimited on Agency. Every response includes X-RateLimit-Remaining and X-RateLimit-Reset headers so you can track your usage without guessing.
- Exceeding your limit returns a 429 Too Many Requests response — back off and retry after the reset time
- Build retry logic with exponential backoff for production integrations to handle transient limits gracefully
Handle errors correctly
~3 minThe API returns standard HTTP status codes — 4xx for client errors (bad input, auth failures) and 5xx for server errors. Every error response includes a JSON body with an error field describing what went wrong in plain language.
- 422 responses include the specific validation error — check the error field rather than assuming generic invalid input
- Log the full response body during development; it's the fastest way to debug integration issues
FAQ
Common questions.
Do I need a paid plan to use the API?
No — the Free plan includes API access to public read endpoints at 100 requests/day. Paid plans unlock higher limits and write access to all endpoints.
Can I use the same API key across multiple products (SEOventra, AlShorty, etc.)?
Yes — a single Muqira API key authenticates across the whole platform; each endpoint is scoped to the specific product it belongs to.
Is there a JavaScript/Node SDK?
A lightweight SDK is in development. Until then, the REST API works directly with fetch or any standard HTTP client.
Where can I see the full endpoint reference?
The full list of available endpoints with example requests is on the API overview page at muqira.com/api.
Continue reading


