Skip to main content


The PathLit API is based on REST, has resource-oriented URLs, returns JSON-encoded responses, and returns standard HTTP response codes.

The base url for the API is:

The PathLit API is a private API, you need to be authenticated before you can execute requests against the platform. You do so with an API key (also refered as token). There is currently no frontend available.

All request and response payloads are JSON encoded. To communicate with the API, the client must allow the application/json MIME type in its accept header. The following are some compatible headers.

accept: */*accept: application/json


API Tokens#

PathLit authenticates your API requests using your account’s API token. To use any PathLit API endpoints, you must pass an API token with each request. If you do not include your API token when making an API request, or use one that is incorrect or disabled, the PathLit API will returns an error code: 403 Forbidden.

{  "message": "Forbidden"}

An API token is automatically generated when a PathLit account is created. Tokens are unique and are associated with the credentials (user email and user password). An API token should be kept confidential.

Protecting your API tokens#

Keep your secret token safe. Your secret token can make any API call on behalf of your account. The Pathlit API is currently in early alpha preview, and though there are no costs incurred at this stage from misuse, it's still best practice to protect your token.

Do not store your secret token in your version control system (github, gitlab etc.).

If you believe that your account/API token has been compromised, please contact the PathLit team: we will invalidate it and regenerate a new one for you.

It is recommended to not embed API tokens directly in code. Instead, put them in environment variables or in include files that are stored separately from the bulk of your code—outside the source repository of your application. Then, if you share your code, the API token will not be included in the shared files.

Error Codes#

PathLit uses HTTP response codes to indicate the success or failure of an API request.

General HTML status codes:

HTTP CODETypeDescription
2xxSucessThis class of status codes indicates the action requested by the client was received, understood, and accepted
4xxIncorrect ValuesThis class of status code is intended for situations in which the error seems to have been caused by the client.
5xxIncorrect ValuesThe server failed to fulfil a request.

Request Limits#

The Alpha preview has the following limits:

5000 requests per month20 requests per second40 requests per second

(Not enough? let us know!)