Authentication
To connect to the Pinata API, you will need to generate Pinata API Keys. Visit the Pinata API Keys page to generate new keys.
When you click "New API Key" you will be prompted to select permissions and the number of uses for the key you generate. Admin privileges, as you might expect, have access to all API endpoints. If you'd like to specify specific endpoints, you can do so by expanding the endpoint's parent route and toggling on the permission.
By default, all keys have unlimited use. However, if you'd like to limit the number of times a key can be used, you can do so by setting the Max Uses field.
By setting a Key Name, you will be able to easily identify the key and its purpose.
Any key can have its access revoked by clicking the Revoke button. Once a key has been revoked, it can no longer be utilized for any purpose.
When you generate your keys, you will see a modal with the Pinata API Key, Pinata API Secret, and the JWT.
Your "Pinata API Key" acts as your public key for our REST API, and your "Pinata Secret API Key" acts as the password for your public key. The JWT is an encoded mix of the two. Be sure to keep your secret key private.
For added customer security, these keys are encrypted on Pinata's side and will only ever be displayed once, so write them down. If you lose these values you'll need to revoke the key and create a new one.
The base URL for Pinata requests is:
https://api.pinata.cloudYou have two ways of connecting to the Pinata API:
- Bearer Authentication
- Custom Headers
To use the bearer authentication model, you will need the JWT that is generated when creating API keys. This token can be used as an
Authorization header for all your API requests in the following format:"Authorization": "Bearer YOUR_JWT"
get
https://api.pinata.cloud
/data/testAuthentication
Test your API keys and your ability to connect to the Pinata API.
Parameters
Header
Authorization*
Bearer PINATA-JWT
Responses
200: OK
{message: "Congratulations! You are communicating with the Pinata API!"}
If not using bearer authentication, your API requests will need to include two headers:
pinata_api_key: (put your personal pinata api key here)
pinata_secret_api_key: (put your personal pinata secret api key here)
get
https://api.pinata.cloud
/data/testAuthentication
Test your API keys and your ability to connect to the Pinata API.
Parameters
Header
pinata_api_key*
PINATA-API-KEY
pinata_secret_api_key*
PINATA-SECRET-API-KEY
Responses
200: OK
Going forward, all examples will use the JWT Bearer Authentication format for simplicity.
Let's try connecting to the Pinata API via the
data/testAuthentication endpoint (This endpoint requires an admin key to call).cURL
Node.js
Python
Go
curl --location --request GET 'https://api.pinata.cloud/data/testAuthentication' \
--header 'Authorization: Bearer PINATA_JWT'
var axios = require('axios');
var config = {
method: 'get',
url: 'https://api.pinata.cloud/data/testAuthentication',
headers: {
'Authorization': 'Bearer PINATA_JWT'
}
};
const res = await axios(config)
console.log(res.data);
import requests
url = "https://api.pinata.cloud/data/testAuthentication"
payload={} headers = { 'Authorization': 'Bearer PINATA_JWT' }
response = requests.request("GET", url, headers=headers, data=payload)
print(response.text)
package main
import ( "fmt" "net/http" "io/ioutil" )
func main() {
url := "https://api.pinata.cloud/data/testAuthentication" method := "GET"
client := &http.Client { } req, err := http.NewRequest(method, url, nil)
if err != nil { fmt.Println(err) return } req.Header.Add("Authorization", "Bearer PINATA_JWT")
res, err := client.Do(req) if err != nil { fmt.Println(err) return } defer res.Body.Close()
body, err := ioutil.ReadAll(res.Body) if err != nil { fmt.Println(err) return } fmt.Println(string(body)) }GoJavaScript with Axios example:
Have a suggestion? Have a complaint? Confused about something in the documentation? Just want to say hi?
We want to make Pinata the best product available. That involves listening to our users and addressing their needs.
Last modified 3mo ago