API Keys

The Bitcompare API offers two access tiers: a free tier with no key required, and an authenticated tier with higher rate limits and usage tracking.

Free tier (no key)

All read endpoints work without authentication. Unauthenticated requests are rate-limited per IP at the Free-tier rate (30 requests per minute, 10,000 per month). See Rate Limiting for the full tier breakdown.

curl https://api.bitcompare.net/api/v1/prices/BTC

This is ideal for prototyping, low-traffic integrations, and getting started quickly.

Authenticated tier (API key)

Pass your API key as a Bearer token in the Authorization header to unlock higher rate limits and per-key usage tracking.

Key format

All consumer API keys are issued with a ck_live_ prefix followed by 64 hex characters (e.g., ck_live_a1b2c3d4...). Create and manage keys at the Bitcompare dashboard.

Passing the key

Include your API key as a Bearer token in the Authorization header on every request:

curl https://api.bitcompare.net/api/v1/prices/BTC \
  -H "Authorization: Bearer ck_live_your_key_here"

Available scopes

API keys are issued with read-only scopes that control which endpoints the key can access:

Rate limits by tier

Chart endpoints are additionally capped at 30 req/min on the Free tier. See Rate Limiting for headers and handling 429 responses, or pricing for the full plan comparison.

Security best practices

1. Never expose keys in client-side code — do not embed API keys in JavaScript that runs in the browser. Make API calls from your server or backend.
2. Use environment variables — store keys in .env files or your platform's secrets manager, not in source code.
3. Rotate keys regularly — if a key is compromised, revoke it immediately and generate a new one.
4. Use separate keys per environment — create distinct keys for development, staging, and production from the dashboard so you can rotate and track usage independently.
5. Restrict scopes — request only the scopes your application needs.