Basics of how to authenticate with the Pinata API

To connect to the Pinata API, you will need to generate Pinata API Keys. Visit the Pinata API Keys page to generate new keys.

When you click "New API Key" you will be prompted to select permissions and the number of uses for the key you generate. Admin privileges, as you might expect, have access to all API endpoints. If you'd like to specify specific endpoints, you can do so by expanding the endpoint's parent route and toggling on the permission.

By default, all keys have unlimited use. However, if you'd like to limit the number of times a key can be used, you can do so by setting the Max Uses field.

By setting a Key Name, you will be able to easily identify the key and its purpose.
Any key can have its access revoked by clicking the Revoke button. Once a key has been revoked, it can no longer be utilized for any purpose.


When you generate your keys, you will see a modal with the Pinata API Key, Pinata API Secret, and the JWT.

Your "Pinata API Key" acts as your public key for our REST API, and your "Pinata Secret API Key" acts as the password for your public key. The JWT is an encoded mix of the two. Be sure to keep your secret key private.

For added customer security, these keys are encrypted on Pinata's side and will only ever be displayed once, so write them down. If you lose these values you'll need to revoke the key and create a new one.

Connecting to the Pinata API

The base URL for Pinata requests is:
You have two ways of connecting to the Pinata API:

  • Bearer Authentication
  • Custom Headers

To use the bearer authentication model, you will need the JWT that is generated when creating API keys. This token can be used as an Authorization header for all your API requests in the following format:

"Authorization": "Bearer YOUR_JWT"