Authentication
Learn how to authenticate your ScrapingForge API requests using Bearer tokens.
All API requests require authentication using your API key as a Bearer token.
API Keys
Get your API key from the dashboard after signing up. API keys must start with the sf_ prefix.
Security Best Practices:
- Never commit API keys to version control
- Use environment variables to store keys
- Rotate keys regularly
- Don't share keys publicly
Bearer Token
Include your API key in the Authorization header as a Bearer token:
Authorization: Bearer sf_your_api_key_here
Example Requests
cURL
curl https://api.scrapingforge.com/api/v1/scraper \
-H "Authorization: Bearer sf_your_api_key" \
-H "Content-Type: application/json" \
-d '{"url": "https://example.com"}'
Python
headers = {
"Authorization": f"Bearer {api_key}",
"Content-Type": "application/json"
}
response = requests.post(url, json=payload, headers=headers)
Node.js
const headers = {
'Authorization': `Bearer ${apiKey}`,
'Content-Type': 'application/json'
};
axios.post(url, payload, { headers });
Rate Limiting
Rate limits and credit usage are tracked per organization. All API responses include credit consumption information in the response headers.
Error Responses
401 Unauthorized
Missing or invalid API key:
{
"error": "Unauthorized",
"message": "Invalid API key"
}
429 Too Many Requests
Rate limit exceeded:
{
"error": "Rate limit exceeded",
"retry_after": 60
}