API Terms

1 API Access

Access requires a personal access token issued to your account. You may send it as Authorization: Bearer <token> or X-API-Key. You are responsible for key secrecy and rotation.

2 Security Controls

Requests are validated for payload and content type, monitored for abuse, and may require CAPTCHA challenge for suspicious traffic. Request signing may be mandatory when enabled by environment policy.

3 Usage Limits & Plan Access

API usage is rate-limited by IP and user, with plan-based daily limits and per-tool access rules. Premium and free tiers have different thresholds and tool availability.

4 Prohibited Behavior

You must not scrape, automate abuse, replay signed requests, bypass controls, reverse engineer restricted behavior, or attempt unauthorized access. Violations may result in temporary or permanent blocking.

5 Monitoring, Logging, and Enforcement

Security events are logged and may be reviewed by administrators. Abuse signals can trigger automated blocks, CAPTCHA escalation, and account/IP restrictions.

6 Service Changes

We may modify API behavior, response fields, and security requirements over time. You must keep your client integrations updated to remain compliant.