Authentication

All API requests require an API key sent in the X-API-Key header.

API Key Format

wm_sk_live_a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6
wm_sk_test_a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6

Keys starting with wm_sk_live_ are production keys. Keys starting with wm_sk_test_ are for testing.

Sending Requests

Include the API key in the X-API-Key header:

curl https://api.web3.market/api/auth/me \
  -H "X-API-Key: wm_sk_live_a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6" \
  -H "Accept: application/json"

Validating Your Key

GET /api/auth/me

Returns the user info associated with the API key:

{
  "id": 42,
  "name": "John Doe",
  "email": "[email protected]",
  "tier": "pro",
  "features": ["mainnet-deploy", "ai-review", "marketplace-publish"]
}

If the key is invalid or expired, returns 401:

{
  "error": {
    "code": "UNAUTHORIZED",
    "message": "Invalid or expired API key."
  }
}

Getting an API Key

Sign up at web3.market
Go to Dashboard > Plan & API
Click New Key
Copy the key immediately — it is only shown once

Using the Key in the CLI

w3m auth wm_sk_live_your_key_here

This validates the key and stores it in ~/.web3market/credentials.json. All subsequent CLI commands use the stored key automatically.

You can also set it as an environment variable:

WEB3MARKET_API_KEY=wm_sk_live_your_key_here

The CLI checks the environment variable first, then falls back to the stored credentials file.

⚠️

Do not commit API keys to version control. The ~/.web3market/credentials.json file is stored in your home directory, not in your project.

Rate Limits

Tier	Requests / minute	Requests / day
Free	30	1,000
Pro	120	50,000
Enterprise	600	500,000

Rate limit headers are included in every response:

X-RateLimit-Limit: 1000
X-RateLimit-Remaining: 987

Overview Templates