Authentication

All API requests require authentication via an API key passed in the X-API-Key header.

Creating an API key

  1. Go to Dashboard > API Keys
  2. Click Create Key
  3. Copy the key immediately - it is only shown once

The key has a tp_ prefix. Only the prefix is stored for identification.

Using your key

Include the key in every request:

curl -H "X-API-Key: tp_your_key_here" \
  https://turbopentest.com/api/pentests

Error responses

StatusMeaning
401Missing or invalid API key
402No credits available
403Domain not verified or insufficient permissions
400Invalid request body
404Resource not found

All errors return JSON:

{
  "error": "Description of the error"
}

Rate limits

The API is rate-limited to protect service quality. If you receive a 429 response, wait before retrying. Contact support if you need higher limits.

Previous

Report Export

Next

Pentests

On this page