Create Access Keys API

You could use Master Key to do any operation on various API endpoints on While using this is highly feasible on the backend but not appropriate on the Frontend.

Exposing the Master Key while trying to read a record in Frontend might end up exposing your key to other users which may carry any operation on your JSONBin records with the Master Key.

In-order to fix the above, you can now create an Access Key using which, you can now configure and grant access to specific API endpoints for specific Access Keys.

Users who has the key can only access those API endpoints to which the access is granted.




Request Type


Request Headers

Below are the list of Accepted Request Headers if you are trying to Create a JSON record.

Request Header Value Required
X-Master-Key <API_KEY> Yes
Content-Type Required

Set the Content-Type header to application/json. This needs to be passed with every POST request you make on the Create Access Keys Route. Failing to pass this in the Header will result in an error.

X-Master-Key Required

X-Master-Key is nothing but your Core API Access Key. You will need this Key to access mostly any API end-point on JSONBin. You could find the key on the API Keys page.

X-Key-Name Required

You can set the Key Name using X-Key-Name header. You can set a maximum of 32 characters as Key Name.

Payload Sample

Info As of now, you can only configure API Access Keys for Bins API. Going forward, we will add more endpoints which can be configured to access using API Access Keys.

  bins: {
    read: true,
    update: false,
    delete: false,
    create: true,

Code Samples

  • cURL
  • JavaScript (ES6)
  • Python 3
  • Ruby
curl -v\
  -H "Content-Type: application/json" \
  -H "X-Master-Key: <YOUR_API_KEY>" \
  -H "X-Key-Name: <ACCESS_KEY_NAME>" \
  --request POST \
  --data "<PAYLOAD_SAMPLE>" \
let req = new XMLHttpRequest();

req.onreadystatechange = () => {
  if (req.readyState == XMLHttpRequest.DONE) {
};"POST", "", true);
req.setRequestHeader("Content-Type", "application/json");
req.setRequestHeader("X-Master-Key", "<YOUR_API_KEY>");
req.setRequestHeader("X-Key-Name", "<ACCESS_KEY_NAME>");
import requests
url = ''
headers = {
  'Content-Type': 'application/json',
  'X-Master-Key': '<YOUR_API_KEY>',
  'X-Key-Name': '<ACCESS_KEY_NAME>'

req =, json=data, headers=headers)
require 'net/http'
require 'json'

uri = URI("")
res = Net::HTTP.start(, uri.port, use_ssl: true) do |http|
  req =
  req['Content-Type'] = 'application/json'
  req['X-Master-Key'] = '<YOUR_API_KEY>'
  req['X-Key-Name'] = '<ACCESS_KEY_NAME>'

  req.body = <PAYLOAD_SAMPLE>.to_json

puts res.body

Request Response

Success Status Code: 200
  "accessKey": "<ACCESS_KEY>",
  "keyPermissions": {
      "bins": {
          "update": false,
          "delete": false,
          "create": true,
          "read": true
  "accessKeyId": "<ACCESS_KEY_ID>",
  "metadata": {
      "name": "<ACCESS_KEY_NAME>"
Error Status Code: 400, 401, 403, 404
  "message": "<Error Message>"

For more information on the error codes & errors you might possibly encounter, refer to the below section.

Error Reference

  • 400 Bad Request
  • 401 Unauthorized
  • 403 Forbidden
X-Key-Name cannot be blank

You need to pass X-Key-Name to set the Name of the Access Key. This header is compulsory.

Name of the Key name cannot be above 32 characters

You'll encounter this error if your Access Key name is more than 32 characters.

Validation failed, please try again

You need to pass the exact payload as suggested above in the document.

You need to pass X-Master-Key in the header to generate Access Key

In-order to create the Access Key, you need to pass the X-Master-Key header. You can find X-Master-Key on API Keys page

Invalid X-Master-Key provided

X-Master-Key which is passed is invalid. Verify it once on API Keys page

You cannot create more than 3 access keys.

You are allowed to create up to 3 Access Keys only. Delete the older Access Keys in-order to generate new.

Requests exhausted. Buy additional requests at

You'll encounter this error if you've consumed all the available requests. You can purchase additional requests.

Create a Free Account

Create an Account View Pricing