Skip to main content

API Key

All requests require a 9Pic API key. Include it in the X-API-Key header. 
X-API-Key: <your_9pic_api_key>

Creating an API Key

You can create API keys directly from the 9Pic dashboard.
1

Open Developer Zone

Go to the Developer Zone page from the left sidebar.
2

Create a new token

Click Create Token. A confirmation dialog will appear — click Create Token again to confirm.
3

Copy your token

Your new API key will be displayed. Click the copy button to copy it to your clipboard and store it in a safe place.
The full API key is shown only once when you create it. If you lose it, you will need to delete the old token and create a new one.
Each organisation can have up to 10 API tokens. You can deactivate or delete tokens at any time from the Developer Zone page.

Host Validation

Requests are validated against approved hostnames. If your host is not approved, you will receive a 403 response.

Ownership Validation

Some endpoints require that the org_id in the URL matches the organisation the token belongs to, and that the event_id belongs to that organisation. Requests that do not match ownership will return 403.

Managing Tokens

From the Developer Zone page you can:
  • Activate / Deactivate a token using the toggle switch. Deactivated tokens are immediately rejected by the API.
  • Delete a token permanently. Any service using that token will immediately lose access.

Error Responses

StatusMeaning
401API key is missing from the request
403API key is invalid, inactive, token does not belong to the organisation, event does not belong to the organisation, or host is not approved