Xshot API

API Key

All Xshot API requests require an API key. You can pass it in three ways:

Query String

curl "https://api.xshot.fun/twitter/user/info?username=elonmusk&api_key=YOUR_KEY"

Best for quick testing in the browser.

curl -H "x-api-key: YOUR_KEY" "https://api.xshot.fun/twitter/user/info?username=elonmusk"

Recommended for production applications.

Bearer Token

curl -H "Authorization: Bearer YOUR_KEY" "https://api.xshot.fun/twitter/user/info?username=elonmusk"

Standard OAuth-style bearer authentication.

WebSocket Authentication

For WebSocket connections, pass the API key as a query parameter:

wss://api.xshot.fun/ws?api_key=YOUR_KEY

Connections without a valid key are immediately closed with code 4001.

Unauthenticated Request

curl "https://api.xshot.fun/twitter/user/info?username=elonmusk"

Response (401):

{
  "error": "Invalid or missing API key"
}

Code Examples

const API_KEY = "YOUR_KEY";

// Using query string
const res = await fetch(
  `https://api.xshot.fun/twitter/user/info?username=elonmusk&api_key=${API_KEY}`
);
const user = await res.json();
console.log(user.followers_count); // 237614000

WebSocket Authentication Example

const ws = new WebSocket("wss://api.xshot.fun/ws?api_key=YOUR_KEY");

ws.onopen = () => {
  console.log("Connected and authenticated");
};

ws.onclose = (event) => {
  if (event.code === 4001) {
    console.error("Authentication failed");
  }
};

​API Key

​Query String

​Header

​Bearer Token

​WebSocket Authentication

​Unauthenticated Request

​Code Examples

​WebSocket Authentication Example