Authentication
All authenticated endpoints require an API key in the header.
API Keys
LNbits provides two types of keys:
| Key | Header | Access Level |
|---|---|---|
| Admin Key | X-Api-Key: {admin_key} | Full access (create, update, delete) |
| Invoice Key | X-Api-Key: {invoice_key} | Read-only access |
Finding Your Keys
- Open LNbits
- Click on your wallet
- Click "API Info" (key icon)
- Copy the key you need
Using the Key
Include the key in every request:
bash
curl -X GET \
"https://your-lnbits.com/subscriptions_manager/api/v1/plans" \
-H "X-Api-Key: YOUR_API_KEY"Which Key to Use?
| Operation | Key Required |
|---|---|
| List plans | Invoice Key |
| Create plan | Admin Key |
| Update plan | Admin Key |
| Delete plan | Admin Key |
| List subscriptions | Invoice Key |
| Cancel subscription | Admin Key |
Never expose your Admin Key in client-side code. Use it only in server-to-server requests.
Public Endpoints
Some endpoints don't require authentication:
GET /public/plan/{id}— Get plan info for checkoutPOST /public/subscribe— Create a subscriptionGET /public/payment/{id}/status— Check payment status
These are designed for subscriber-facing integrations.