Technical Support

Ask a Question

Rate Limit details

What are the details for rate limits against the POAP API? I'm getting some 429 errors and am unsure what are the limits and how to stay under them.

API key invalid

Hi! Seems like the provided API key isn't working. I've also sent a message in #development on discord.

Address can't take email

Why can't the address field in: /actions/scan/{address}/{eventId} take an email address just like /actions/scan/{address} does. We have users that haven't claimed their poap with a wallet address and the only way for us is with emails. Is there a work around to this?

Fetch Method 'HEAD' not supported

Hi, I'm developing profile page depending on POAPs api, I want to know whether a profile has poaps before I fetch the endpoint (or the client will not fetch) , I tried HEAD method to fetch ,but got 403 status, hope to find a solution

I have received a Doppler link for the API key, but after 24 hours, the provided secret still yields an Invalid Password message.

Please review and advise.

Poap count

Hello! I'm working on a project on ICP and using the POAP API. When making a request, I need to have an approximate idea of how many bytes the API response will be. Is there an endpoint in the API where I can get the count of POAPs for an address without retrieving the details of each individual POAP?

Issue generating access tokens

The page here - <> - says that an access token can be generated by populating audience, client_credentials, and client_secret (auth token) with the values provided via email. But all I got in the email was the one time link to expose the client ID and client Secret. There is nothing I can see on audience or client_crednetials for me to be able to populate this CURL request curl --location --request POST --url '<'> --header "Content-Type: application/json" -d '{"audience": "<">, "grant_type": "client_credentials", "client_id": "$clientid", "client_secret": "$clientsecret"}' Please help

CORS policy

Hello, When I am trying to fetch the api request, in certain condition, I get this error: "Access to fetch at '<'> from origin '<'> has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled." Is there a way to deactivate the No 'Access-Control-Allow-Origin' header on the Server Side?

Hiding the API Key

Hello, I am using the API Key to access the POAP API stack but this GET Request can be seen in any browser Inspecting tool. How could we hide this Header value for security reasons?

How can I get access to a new API key?

Hello. I have received the email from the POAP team with the API Key. Once I enter the provided link, it leads me to a Doppler site with the message "This link has expired. Try sharing a new secret!" Also, on the right side of Doppler's web, there is a box to "share secret". We tried entering the passphrase anyways and it return the same passphrase. Does anybody know if this is a regular error, or if I need to get the API replacement? ![](