Authentication

Last updated April 9, 2026

Every request to the Panelr API must be authenticated using your API key, passed as a request header. There are no cookies, sessions, or OAuth flows.

Generate your API key from the API settings page in your Panelr admin panel. Treat it like a password — do not expose it in client-side code, version control, or public repositories.

Required Headers

X-Panelr-API-Key — Your API key
Content-Type — application/json (POST requests only)

GET Request Example

curl -X GET "https://YOUR_DOMAIN/api/api.php?action=get_products" \
-H "X-Panelr-API-Key: YOUR_API_KEY"

POST Request Example:

curl -X POST "https://YOUR_DOMAIN/api/api.php?action=create_activation" \
-H "X-Panelr-API-Key: YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{"product_id": 1, "customer_email": "[email protected]"}'

Authentication Errors

If the API key is missing or invalid, the API returns HTTP 401:

{
  "success": false,
  "data": null,
  "error": "Invalid or missing API key."
}

Rate Limiting

Successful requests are capped at 120 per minute per IP. Repeated failed authentication attempts will result in a temporary block before that limit is reached.

Overview

Errors