Authentication
Learn how to authenticate your API requests using API keys.
Overview
The DorkList API uses API keys to authenticate requests. You can create and manage your API keys from your account settings. API access is available exclusively to Pro subscribers.
Pro Feature
API access requires an active Pro subscription. You can start a 7-day free trial to test the API.
Getting Your API Key
- Go to your Account Settings
- Scroll down to the "API Keys" section
- Click "Generate New Key"
- Copy and securely store your API key
Important
Your API key is only shown once when created. Store it securely - we cannot recover it if lost. You can always generate a new key if needed.
API Key Format
DorkList API keys follow this format:
text
dk_a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6All keys start with the dk_ prefix followed by 32 alphanumeric characters.
Using Your API Key
Include your API key in the Authorization header of every request using the Bearer token scheme:
bash
curl -X GET "https://dorklist.com/api/v1/dorks" \ -H "Authorization: Bearer dk_your_api_key_here" \ -H "Content-Type: application/json"Authentication Errors
If authentication fails, you'll receive one of these error responses:
| Error Code | Status | Description |
|---|---|---|
| MISSING_AUTH | 401 | No Authorization header provided |
| INVALID_FORMAT | 401 | Key doesn't match dk_* format |
| INVALID_KEY | 401 | API key not found or invalid |
| KEY_INACTIVE | 401 | API key has been deactivated |
| KEY_EXPIRED | 401 | API key has expired |
| NOT_PRO_USER | 403 | Active Pro subscription required |
Example Error Response
json
{ "success": false, "error": { "code": "INVALID_KEY", "message": "Invalid API key" }}Security Best Practices
- •Never expose your API key in client-side code. Always make API calls from your server.
- •Use environment variables to store your API key, never hardcode it in your source code.
- •Rotate your keys periodically and immediately if you suspect they've been compromised.
- •Set expiration dates on API keys when possible for added security.