Authentication
All authenticated endpoints require an API key in the header.
API Keys
LNbits provides two types of keys:
| Key | Header | Access Level |
|---|---|---|
| Admin Key | X-Api-Key: {admin_key} | Full access (create, update, delete) |
| Invoice Key | X-Api-Key: {invoice_key} | Read-only access |
| Subscriber Token | X-Subscriber-Token: {token} | Subscriber portal (self-service) |
Finding Your Keys
- Open LNbits
- Click on your wallet
- Click "API Info" (key icon)
- Copy the key you need
Using the Key
Include the key in every request:
bash
curl -X GET \
"https://your-lnbits.com/subscriptions_manager/api/v1/plans" \
-H "X-Api-Key: YOUR_API_KEY"Which Key to Use?
| Operation | Key Required |
|---|---|
| List plans | Invoice Key |
| Create plan | Admin Key |
| Update plan | Admin Key |
| Delete plan | Admin Key |
| List subscriptions | Invoice Key |
| Cancel subscription | Admin Key |
Never expose your Admin Key in client-side code. Use it only in server-to-server requests.
Subscriber Portal
The subscriber portal endpoints use a dedicated X-Subscriber-Token header. Each subscriber receives a unique access token when their subscription is created.
bash
curl -X GET \
"https://your-lnbits.com/subscriptions_manager/api/v1/public/manage/subscriptions" \
-H "X-Subscriber-Token: SUBSCRIBER_ACCESS_TOKEN"| Operation | Endpoint |
|---|---|
| List subscriptions | GET /public/manage/subscriptions |
| Cancel subscription | POST /public/manage/subscription/{id}/cancel |
| List connected wallets | GET /public/manage/wallets |
| Disconnect wallet | DELETE /public/manage/wallets/{id} |
Public Endpoints
Some endpoints don't require any authentication:
GET /public/plan/{id}— Get plan info for checkoutPOST /public/subscribe— Create a subscriptionGET /public/payment/{id}/status— Check payment statusPOST /public/nwc/validate— Validate NWC connectionPOST /public/subscribe/nwc— Create NWC subscription
These are designed for subscriber-facing integrations.