API
API Keys & Authentication

How to use API Keys

Safe Infrastructure APIs are accessible without authentication for exploration, and with an API key for production use. Authenticated requests receive significantly higher rate limits, dedicated quotas, and prioritized reliability.

This guide explains how to generate an API key and use it in your requests.

Getting a Safe API Key

  1. Visit the developer dashboard (opens in a new tab).
  2. Create an account (if you haven't already).
  3. Generate your API key in the API Keys section.

The API Key is a JWT. You can configure the expiration period and revoke it at any time via the dashboard.

Using Your API Key

To authenticate your requests, include your API key in the Authorization header. Below, there are different request examples. We use EIP3770 names for chains, so for example, for Ethereum Mainnet (eth):


_10
curl -X GET "https://api.safe.global/tx-service/eth/api/v2/safes/0x5298a93734c3d979ef1f23f78ebb871879a21f22/multisig-transactions" \
_10
-H "Authorization: Bearer $YOUR_API_KEY"

Plans & Pricing

For available plans and current pricing, visit Safe API plans ↗ (opens in a new tab). To subscribe, log in to the developer dashboard ↗ (opens in a new tab).

Unauthenticated access is available for exploration only: 2 RPS and 5,000 monthly requests. Any meaningful production usage requires authentication.

One API unit equals 1 HTTP request to any Safe Infrastructure endpoint. For full details on enforcement behavior when limits are reached, see Quotas & Limits.

Error Handling

If your API key is invalid or your account hits a limit, the API returns standard HTTP error codes:

  • 401 Unauthorized: Invalid or missing API key.
  • 429 Too Many Requests: Rate limit or quota exceeded. See Quotas & Limits for how to handle this.

Make sure your application gracefully handles these errors to avoid disruptions.

Best Practices

  • Store keys securely: Use environment variables or secure vaults instead of hard-coding API keys in your application.
  • Rotate keys periodically: Periodically rotate your API keys to minimize potential security risks.
  • Revoke compromised keys immediately: If an API key is compromised, revoke it immediately via the dashboard and generate a new one.
  • Use separate keys per environment: Maintain different keys for development, staging, and production.

FAQs

What if I need a higher plan?

Contact the Safe team at support@safe.global to discuss custom plans and pricing.

What happens if I exceed my quota?

When you reach your monthly quota, subsequent requests are blocked with an HTTP 429 response. You can monitor your remaining quota via response headers on every API call. See Quotas & Limits for details.

Can I use the API without authentication?

Unauthenticated access is available for exploration only, with significantly lower limits (2 RPS, 5,000 monthly requests). Any meaningful production usage requires authentication.

Didn't find your answer? Reach out at support@safe.global.

OverviewQuotas & Limits

Was this page helpful?