What is the JSONbin.io API key for?

The JSONbin.io API key, referred to as the 'Secret Key' or 'Master Key', is used to authenticate your requests. It ensures that only authorized users can create, modify, or retrieve private JSON bins. It is included in the `X-Master-Key` HTTP header.

How do I make a bin private?

To make a bin private, include the `X-Bin-Private: true` header in your `POST` request when creating the bin. Private bins require your `X-Master-Key` for all subsequent access attempts.

Can I store non-JSON data in JSONbin.io?

JSONbin.io is specifically designed for storing JSON (JavaScript Object Notation) data. While you could technically store strings that are not valid JSON, the service's primary functionality and API are built around JSON parsing and retrieval.

What are the limits of the free Developer Plan?

The free Developer Plan includes storage for up to 50 bins, with a maximum size of 1MB per bin. It is intended for development and testing purposes. Higher limits are available on paid plans.

How do I update an existing JSON bin?

To update an existing JSON bin, send a `PUT` request to the `/v3/b/:binId` endpoint. Include the updated JSON payload in the request body and your `X-Master-Key` header for private bins. The bin ID (`:binId`) is obtained when the bin is initially created.

Where can I find my bin ID after creation?

When you successfully create a new JSON bin via a `POST` request, the API response will include the bin's unique ID within the `metadata.id` field of the JSON response. This ID is essential for retrieving, updating, or deleting that specific bin.

JSONbin.io Getting Started: Quick Start Guide (2026)

JSONbin.io getting started: JSONbin.io provides a service for storing, managing, and retrieving JSON data via a REST API. It is designed for developers needing temporary or persistent JSON storage without a full database setup. This guide outlines the process for new users to sign up, obtain necessary credentials, and execute their first API call to store JSON data.

Getting started overview

Getting started with JSONbin.io involves a few key steps: account creation, obtaining an API key, and executing a basic API request to store JSON data. JSONbin.io offers a RESTful interface for managing JSON 'bins', which are essentially discrete units of JSON data storage in the cloud. This process enables developers to quickly integrate JSON data storage into applications, prototypes, or testing environments without the overhead of deploying and maintaining a traditional database.

The service supports both public and private bins, allowing control over data visibility. Private bins require an API key for access, while public bins are accessible without authentication once created. Understanding the distinction between these bin types is important for managing data security and access permissions as described in the documentation.

The following table provides a high-level overview of the getting started process:

Step	What to Do	Where
1. Create Account	Register for a new JSONbin.io account.	JSONbin.io homepage
2. Get API Key	Locate your secret API key from your account dashboard.	JSONbin.io Dashboard > API Keys
3. Make First Request	Use `curl` or a similar HTTP client to create a new JSON bin.	Command line or HTTP client
4. Retrieve Data	Fetch the data stored in your newly created bin.	Command line or HTTP client

Create an account and get keys

To begin using JSONbin.io, the first step is to create an account. JSONbin.io provides a free Developer Plan that includes 50 bins and a maximum bin size of 1MB per bin, suitable for initial development and testing as detailed on their pricing page. Registration typically involves providing an email address and creating a password, or using a social login option if available.

Navigate to the JSONbin.io homepage: Open your web browser and go to jsonbin.io.
Sign Up: Look for a 'Sign Up' or 'Get Started' button, usually located in the top right corner of the page. Follow the prompts to create your account.
Verify Email (if required): Some registration processes require email verification. Check your inbox for a confirmation email and follow the instructions to activate your account.
Access Dashboard: Once logged in, you will be redirected to your JSONbin.io dashboard. This is where you manage your bins and API keys.

After creating your account, the next critical step is to obtain your API key. The API key is a unique identifier that authenticates your requests to the JSONbin.io API, ensuring that only authorized applications can access and modify your private data. This key should be kept confidential to prevent unauthorized access to your bins.

Locate API Keys Section: In your JSONbin.io dashboard, navigate to the section labeled 'API Keys' or similar. This is often found in account settings or a dedicated developer area.
Copy Your Secret Key: JSONbin.io typically provides a single 'Secret Key' for each user. This key is paramount for authenticating private bin operations. Copy this key and store it securely. You will use it in the X-Master-Key HTTP header for your API requests as specified in the API documentation.

It is important to treat your API key like a password. Do not embed it directly into client-side code that could be publicly exposed, and avoid committing it to public version control repositories. For web applications, consider using environment variables or a secure server-side proxy to handle API key management, following practices like those outlined in general API security guidelines from Google Developers.

Your first request

With your account created and API key in hand, you can now make your first request to JSONbin.io. This example demonstrates how to create a new private JSON bin using curl, a common command-line tool for making HTTP requests. The request will store a simple JSON object.

Before proceeding, replace YOUR_SECRET_API_KEY with the actual API key you obtained from your JSONbin.io dashboard.

Creating a new private bin (POST)

To create a new bin, you will send a POST request to the /v3/b endpoint. The JSON payload you want to store should be in the request body, and your API key must be included in the X-Master-Key header. Additionally, set the X-Bin-Private header to true to make the bin private. The Content-Type header should be application/json.


curl -X POST \
  -H "Content-Type: application/json" \
  -H "X-Master-Key: YOUR_SECRET_API_KEY" \
  -H "X-Bin-Private: true" \
  -d '{ "message": "Hello, JSONbin.io!", "timestamp": "2026-05-29T10:00:00Z" }' \
  https://api.jsonbin.io/v3/b

Upon successful execution, the API will return a JSON response containing details about the newly created bin, including its unique ID (id), metadata such as creation date, and version information. The id field is crucial as you will use it to retrieve or update this specific bin.


{
  "record": {
    "message": "Hello, JSONbin.io!",
    "timestamp": "2026-05-29T10:00:00Z"
  },
  "metadata": {
    "id": "66579d46e41b4d34e402636f",
    "private": true,
    "createdAt": "2026-05-29T10:30:00.000Z",
    "parentCollectionId": null
  }
}

Note the id value from the metadata object in the response. For example, if the ID is 66579d46e41b4d34e402636f, you will use this in subsequent requests.

Retrieving data from an existing bin (GET)

To retrieve the data you just stored, send a GET request to the /v3/b/:binId endpoint, replacing :binId with the ID obtained from the creation response. Your API key is still required for private bins.


curl -X GET \
  -H "X-Master-Key: YOUR_SECRET_API_KEY" \
  https://api.jsonbin.io/v3/b/66579d46e41b4d34e402636f

The response will return the JSON data stored in the bin:


{
  "record": {
    "message": "Hello, JSONbin.io!",
    "timestamp": "2026-05-29T10:00:00Z"
  },
  "metadata": {
    "id": "66579d46e41b4d34e402636f",
    "private": true,
    "createdAt": "2026-05-29T10:30:00.000Z",
    "parentCollectionId": null
  }
}

Common next steps

After successfully creating and retrieving your first JSON bin, several common next steps can enhance your usage of JSONbin.io:

Update an existing bin: Use a PUT request to the /v3/b/:binId endpoint to modify the content of an existing bin. This allows you to dynamically change your stored JSON data as outlined in the API reference.
Create a public bin: If your data does not require strict access control, you can create a public bin by omitting the X-Bin-Private: true header (or setting it to false) in your POST request. Public bins can be accessed by anyone with the bin ID, making them suitable for sharing public datasets or configurations.
Manage bins through the dashboard: The JSONbin.io web dashboard provides a graphical interface to view, edit, and delete your bins without writing code. This can be useful for quick edits or checking data integrity.
Explore collections: For organizing multiple related bins, JSONbin.io supports collections. You can create collections and assign bins to them, which can simplify management for larger projects. This feature is often part of more advanced plans and documented on their pricing and features page.
Integrate into applications: Beyond curl, integrate JSONbin.io into your preferred programming language or framework. Most languages have HTTP client libraries (e.g., Python's requests, Node.js's axios or built-in http module) that simplify making REST API calls. When integrating, consider how to securely manage API keys and handle error responses.
Review usage and limits: Monitor your bin count, data size, and request limits via your dashboard. The free Developer Plan has specific limitations (50 bins, 1MB max bin size), and understanding these will help you decide if an upgrade to a paid plan, like the Pro Plan, is necessary for your project's scale according to their pricing details.
Implement error handling: For production applications, it is crucial to implement proper error handling for API responses. JSONbin.io's API will return appropriate HTTP status codes (e.g., 400 for bad request, 401 for unauthorized, 404 for not found) and specific error messages in the response body when issues occur as described in their error codes documentation.

Troubleshooting the first call

When making your first API call to JSONbin.io, you might encounter issues. Here are common problems and their solutions:

401 Unauthorized / Invalid API Key:
- Issue: The most frequent issue is an incorrect or missing X-Master-Key header.
- Solution: Double-check that you have copied your API key correctly from your JSONbin.io dashboard. Ensure there are no leading or trailing spaces. Verify that the header is precisely X-Master-Key (case-sensitive) and not misspelled.
400 Bad Request / Invalid JSON:
- Issue: This error typically means the JSON payload in your request body is malformed or not valid JSON.
- Solution: Use an online JSON validator (e.g., Google PageSpeed Insights provides a JSON validator for structured data, though many generic JSON validators exist) to check your JSON string for syntax errors, missing commas, unescaped characters, or incorrect quotation marks. Ensure your Content-Type header is set to application/json.
403 Forbidden / Private Bin Access:
- Issue: You might be trying to access a private bin without the correct API key or without specifying the bin as private during creation.
- Solution: For private bins, ensure the X-Master-Key is present and correct in both creation and retrieval requests. If you intended to create a public bin but inadvertently made it private, delete it and recreate it without the X-Bin-Private: true header.
404 Not Found / Incorrect Bin ID:
- Issue: The bin ID you are trying to access does not exist or is incorrect.
- Solution: Verify that the bin ID in your GET or PUT request URL exactly matches the ID returned when you created the bin. Bin IDs are case-sensitive.
CORS Issues (for browser-based requests):
- Issue: If you are making requests directly from a web browser (e.g., using JavaScript fetch or XMLHttpRequest), you might encounter Cross-Origin Resource Sharing (CORS) errors.
- Solution: JSONbin.io generally supports CORS. However, ensure that your browser environment is configured correctly. For local development, some browser extensions can temporarily disable CORS for testing, but for production, ensure your server-side application acts as a proxy or that your domain is whitelisted if JSONbin.io offers such a feature.
Rate Limiting:
- Issue: Excessive requests in a short period might lead to rate limiting, resulting in 429 Too Many Requests errors.
- Solution: Review JSONbin.io's rate limit policies in their documentation and adjust your application's request frequency accordingly. Implement exponential backoff for retrying failed requests.

JSONbin.io Getting Started: Quick Start Guide (2026)

Getting started overview

Create an account and get keys

Your first request

Creating a new private bin (POST)

Retrieving data from an existing bin (GET)

Common next steps

Troubleshooting the first call

Frequently asked questions

Reviews

Discussion

Written by