Getting Started with the QR Dex API

Overview

The QR Dex REST API lets you manage QR codes programmatically. Instead of using the web dashboard, you can create, retrieve, update, and delete QR codes directly from your own applications, scripts, or backend systems. This is ideal for teams that need to generate QR codes at scale, integrate QR code creation into existing workflows, or build custom tooling on top of QR Dex.

Requirements

  • QR Dex Growth plan or higher -- API access is available on the Growth, Plus, Pro, and Enterprise plans.
  • Team owner permissions -- Only team owners can generate API keys.

What You Can Do with the API

  • Create QR codes -- Generate new QR codes programmatically with a specified destination URL, type, and configuration.
  • Retrieve QR code data -- Fetch details about existing QR codes, including their destination, scan count, and creation date.
  • Update destinations -- Change where a dynamic QR code points without creating a new code.
  • Delete QR codes -- Remove QR codes that are no longer needed.
  • Download QR code images -- Retrieve the QR code image in PNG, JPG, WEBP, or SVG format for use in your own materials.

Generating an API Key

  1. Go to your team page. Click Team in the top navigation bar to open your team page.
  2. Click API Keys. Click the API Keys button to open the API key management page.
  3. Generate a new key. Click Generate API Key, give it a descriptive name (for example, "Production Server" or "CI Pipeline"), and click Create. Your new API key will be displayed once -- copy it immediately and store it securely. You will not be able to view the full key again.

Authenticating Requests

All API requests must include your API key in the X-Api-Key header. Here is an example using curl: 

curl -H "X-Api-Key: your_api_key_here" \
  https://qrdex.io/api/v1/qr_codes

Replace your_api_key_here with the API key you generated in the previous step. Every request without a valid API key will receive a 401 Unauthorized response.

Basic Example: List Your QR Codes

To retrieve a list of all QR codes in your team, send a GET request to the QR codes endpoint: 

curl -H "X-Api-Key: your_api_key_here" \
  https://qrdex.io/api/v1/qr_codes

The response is a JSON array containing your QR codes, each with its ID, name, destination URL, scan count, and other metadata. Use pagination parameters to navigate through large result sets.

Rate Limits

To ensure fair usage and platform stability, the QR Dex API enforces rate limits. The default limit is 60 requests per minute per API key. If you exceed this limit, the API will return a 429 Too Many Requests response. The response headers include X-RateLimit-Limit, X-RateLimit-Remaining, and X-RateLimit-Reset so you can monitor your usage and implement appropriate backoff logic.

Best Practices

  • Keep your API key secure. Never expose your API key in client-side code, public repositories, or browser requests. Store it in environment variables or a secrets manager.
  • Use descriptive key names. If you generate multiple API keys for different environments or services, give each one a clear name so you can identify and revoke them individually.
  • Handle errors gracefully. Always check the HTTP status code in the response. Common codes include 200 for success, 201 for resource creation, 401 for authentication errors, 404 for missing resources, and 422 for validation errors.
  • Implement retry logic. If you receive a 429 rate limit response, wait until the X-RateLimit-Reset timestamp before retrying.
  • Revoke unused keys. If an API key is no longer in use, revoke it from the API Keys settings page to reduce your security surface.

Full Documentation

This article covers the basics of getting started. For complete endpoint references, request and response schemas, and advanced usage examples, visit the API Documentation page.

Related Articles