Skip to main content
The SolixDB API uses API key authentication for all endpoints. You need an API key to make requests, and rate limits are based on your subscription plan.

Getting an API Key

  1. Sign up at dashboard.solixdb.xyz
  2. Navigate to the API Keys section
  3. Create a new API key
  4. Copy your API key (you’ll only see it once!)
Keep your API key secure! Never commit API keys to version control or share them publicly. If your key is compromised, revoke it immediately and create a new one.

Using Your API Key

You can provide your API key in two ways: Include your API key in the x-api-key header: 
curl -X POST "https://api.solixdb.xyz/v1/rpc" \
  -H "Content-Type: application/json" \
  -H "x-api-key: YOUR_API_KEY" \
  -d '{
    "jsonrpc": "2.0",
    "id": 1,
    "method": "getTransactions",
    "params": [{"limit": 10}]
  }'

Query Parameter

Alternatively, you can pass the API key as a query parameter: 
curl -X POST "https://api.solixdb.xyz/v1/rpc?api-key=YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "jsonrpc": "2.0",
    "id": 1,
    "method": "getTransactions",
    "params": [{"limit": 10}]
  }'
Best Practice: Use the header method for better security, as query parameters may be logged in server access logs.

Authentication Errors

If your API key is invalid or missing, you’ll receive a 401 Unauthorized response: 
{
  "error": "Unauthorized",
  "message": "API key is required. Provide it via x-api-key header or api-key query parameter."
}
Status Code: 401 Unauthorized Common causes:
  • Missing API key header
  • Invalid or inactive API key
  • API key has been revoked

Subscription Plans

Rate limits are based on your subscription plan:
PlanRequests per MinuteFeatures
Free100Basic access to all endpoints
x402500Higher rate limits, priority support
Enterprise2000Highest rate limits, dedicated support, custom features
For details on rate limiting, see our Rate Limiting guide.

Rate Limit Headers

Every API response includes rate limit information in the headers: 
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 95
X-RateLimit-Reset: 2025-07-20T12:01:00Z
X-RateLimit-Plan: free
Retry-After: 5

Header Descriptions

  • X-RateLimit-Limit: Maximum requests allowed per minute for your plan
  • X-RateLimit-Remaining: Remaining requests in the current window
  • X-RateLimit-Reset: ISO 8601 timestamp when the rate limit window resets
  • X-RateLimit-Plan: Your current subscription plan (free/x402/enterprise)
  • Retry-After: Seconds to wait before retrying (only present on 429 responses)

Example: Checking Rate Limits

async function makeRequest(url, apiKey, body) {
  const response = await fetch(url, {
    method: 'POST',
    headers: {
      'Content-Type': 'application/json',
      'x-api-key': apiKey
    },
    body: JSON.stringify(body)
  });

  // Check rate limit headers
  const limit = parseInt(response.headers.get('X-RateLimit-Limit'));
  const remaining = parseInt(response.headers.get('X-RateLimit-Remaining'));
  const plan = response.headers.get('X-RateLimit-Plan');

  console.log(`Plan: ${plan}, Limit: ${limit}/min, Remaining: ${remaining}`);

  // If using more than 80% of budget, slow down
  if (remaining < limit * 0.2) {
    console.warn('Rate limit nearly exhausted, consider slowing down');
  }

  return response;
}

Security Best Practices

Use environment variables or secure secret management systems. Never commit API keys to version control.
Periodically rotate your API keys, especially if you suspect they may have been compromised.
Use separate API keys for development, staging, and production environments.
Regularly check your API key usage in the dashboard to detect any unauthorized access.
If you suspect your key is compromised, revoke it immediately in the dashboard and create a new one.

Next Steps

Rate Limiting

Learn about plan-based rate limits and best practices.

JSON-RPC API Reference

Explore all available methods.

Getting Started

Make your first API request.

Error Handling

Understand error responses and how to handle them.