Authentication
All API requests require a valid API key passed in the Authorization header using the Bearer scheme.
Getting a Key
Register at transitkit.dev/signup to get a free API key. Keys are prefixed with tk_live_ and emailed instantly.
Using Your Key
Include your API key in every request:
cURL
curl https://api.transitkit.dev/v1/departures?stop=200060 \
-H "Authorization: Bearer tk_live_xxxxxxxxxxxx"JavaScript
const res = await fetch('https://api.transitkit.dev/v1/departures?stop=200060', {
headers: {
'Authorization': `Bearer ${process.env.TRANSITKIT_API_KEY}`
}
})Python
import requests
response = requests.get(
'https://api.transitkit.dev/v1/departures',
params={'stop': '200060'},
headers={'Authorization': f'Bearer {API_KEY}'}
)Error Response
Requests without a valid key return 401 Unauthorized:
401 Unauthorized
{
"error": {
"code": "UNAUTHORIZED",
"message": "Missing or invalid API key. Include your key in the Authorization header as: Bearer tk_live_xxx",
"docs": "https://transitkit.dev/docs/authentication"
}
}Rate Limits
| Plan | Daily Limit |
|---|---|
| Free | 1,000 requests/day |
| Developer | 50,000 requests/day |
| Pro | Unlimited |
When you exceed your rate limit, the API returns 429 Too Many Requests. Limits reset daily at midnight UTC.