Authentication
All Prediction Hunt API requests authenticate with an API key. Most endpoints require a valid key — the single exception is GET /v2/status.
API Keys
Keys are prefixed with pmx_ and tied to your account and plan tier. Get a free key instantly on the API docs landing page.
pmx_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
X-API-Key Header (preferred)
Pass your key in the X-API-Key request header. This is the recommended approach — the key never appears in server logs or browser history.
curl -H "X-API-Key: YOUR_API_KEY" \ https://www.predictionhunt.com/api/v2/events
api_key Query Parameter (alternative)
Query parameters are convenient for quick browser tests but must not be used in production. The key appears in server access logs, proxy logs, and the browser's Referer header — any of which can leak it to a third party. Always use the X-API-Key header in any code that ships.
curl "https://www.predictionhunt.com/api/v2/events?api_key=YOUR_API_KEY"
Error Responses
No key provided, or the key is invalid / revoked.
{ "error": "Authentication required. Provide an X-API-Key header or api_key query parameter.", "success": false }The endpoint requires a higher plan (e.g. Arb or EV on a Free key).
{ "error": "This endpoint requires a Dev or Pro tier subscription.", "success": false }You've exceeded the per-second or monthly limit for your tier. See the Retry-After header.
{ "error": "Rate limit exceeded. Retry after 1 second.", "success": false }Key Security
- Never embed your API key in client-side JavaScript — it will be visible in the browser.
- Store it in an environment variable (e.g. PREDICTION_HUNT_API_KEY) and inject server-side.
- Rotate immediately if you suspect it has been exposed.
- Scope keys to the minimum required tier — don't use a Pro key for a Free-tier use case.