- API key — for REST calls, scripts, and backends. (This page.)
- OAuth — for MCP clients like Claude Code and Cursor, which handle login for you. (See MCP Server.)
Get an API key
API keys are created in the dashboard — you can’t mint one over the API (creating a key requires a logged-in session, not another key).- Log in to parse.bot
- Go to Settings → API Keys
- Click Create key, give it a name (e.g.
production,laptop,ci), and optionally set an expiry - Copy the key immediately — the full value is shown only once
pmx_.
Treat keys like passwords. Store them in a secret manager or environment variable, never in source control. If a key leaks, revoke it in the dashboard and create a new one — revoking is instant.
Use your key
Send the key in theX-API-Key header on every request:
Authorization support:
X-API-Key wins.
What needs a key
| Surface | Auth |
|---|---|
GET /marketplace/* | None — public search/browse |
POST /dispatch, GET /dispatch/tasks, revise, export, updates | API key |
POST /scraper/{id}/{endpoint} (execution) | API key |
POST /mcp | OAuth or API key |
MCP clients
If your MCP client supports OAuth (Claude Code, Cursor, Claude Desktop), you don’t need a key at all — just point it at the server and it opens a browser login:Troubleshooting auth
401 Unauthorized— the key is missing, malformed, expired, or revoked. The header name is case-insensitive (X-API-Key,x-api-key,X-Api-Keyall work), but the key value is case-sensitive and must start withpmx_. Watch for stray quotes or whitespace around the value.404 Not Found— make sure you’re hittinghttps://api.parse.botand the exact path (e.g./dispatch, not/api/dispatch).