Skip to main content
Parse has two ways to authenticate, depending on how you’re connecting:
  • API key — for REST calls, scripts, and backends. (This page.)
  • OAuth — for MCP clients like Claude Code and Cursor, which handle login for you. (See MCP Server.)

Get an API key

API keys are created in the dashboard — you can’t mint one over the API (creating a key requires a logged-in session, not another key).
  1. Log in to parse.bot
  2. Go to Settings → API Keys
  3. Click Create key, give it a name (e.g. production, laptop, ci), and optionally set an expiry
  4. Copy the key immediately — the full value is shown only once
You can create as many keys as you like — one per app or environment is good practice, so you can revoke a single key without disrupting the others. Every key starts with the prefix pmx_.
Treat keys like passwords. Store them in a secret manager or environment variable, never in source control. If a key leaks, revoke it in the dashboard and create a new one — revoking is instant.

Use your key

Send the key in the X-API-Key header on every request:
curl https://api.parse.bot/dispatch/tasks \
  -H "X-API-Key: pmx_your_key_here"
As an alternative, you can pass it as a bearer token — useful with HTTP clients that have first-class Authorization support:
curl https://api.parse.bot/dispatch/tasks \
  -H "Authorization: Bearer pmx_your_key_here"
Both are equivalent. If you send both headers, X-API-Key wins.

What needs a key

SurfaceAuth
GET /marketplace/*None — public search/browse
POST /dispatch, GET /dispatch/tasks, revise, export, updatesAPI key
POST /scraper/{id}/{endpoint} (execution)API key
POST /mcpOAuth or API key

MCP clients

If your MCP client supports OAuth (Claude Code, Cursor, Claude Desktop), you don’t need a key at all — just point it at the server and it opens a browser login:
{
  "mcpServers": {
    "parse": { "url": "https://api.parse.bot/mcp" }
  }
}
For clients without OAuth, pass your key in headers instead:
{
  "mcpServers": {
    "parse": {
      "url": "https://api.parse.bot/mcp",
      "headers": { "X-API-Key": "pmx_your_key_here" }
    }
  }
}
Full setup and the OAuth flow details are in the MCP Server guide.

Troubleshooting auth

  • 401 Unauthorized — the key is missing, malformed, expired, or revoked. The header name is case-insensitive (X-API-Key, x-api-key, X-Api-Key all work), but the key value is case-sensitive and must start with pmx_. Watch for stray quotes or whitespace around the value.
  • 404 Not Found — make sure you’re hitting https://api.parse.bot and the exact path (e.g. /dispatch, not /api/dispatch).
See Errors & Troubleshooting for the full reference.