Skip to main content

Overview

The Pump.fun API uses JWT (JSON Web Token) authentication to secure endpoints and ensure authorized access. Most API endpoints require authentication, and it’s recommended to include authentication with all requests to ensure complete data retrieval and avoid potential access issues.
Always include your JWT token with API requests to access protected endpoints and retrieve complete data.

Authentication Methods

JWT Bearer Token

All authenticated requests require a valid JWT token passed in the Authorization header: 
Authorization: Bearer <your_jwt_token>

Obtaining a JWT Token

Login Endpoint

To obtain a JWT token, make a POST request to the login endpoint:
endpoint
string
POST https://frontend-api-v3.pump.fun/auth/login
curl -X POST "https://frontend-api-v3.pump.fun/auth/login" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -H "Origin: https://pump.fun" \
  -d '{"key": "value"}'

Response

The login endpoint returns a JWT token in the response body. Store this token securely and include it in subsequent API requests.

Using Your Token

Once you have obtained a JWT token, include it in the Authorization header of all API requests: 
curl -X GET "https://frontend-api-v3.pump.fun/auth/my-profile" \
  -H "Authorization: Bearer <your_jwt_token>" \
  -H "Accept: application/json"

Authentication Endpoints

Check Your Profile

Verify your authentication status by retrieving your profile:
endpoint
string
GET https://frontend-api-v3.pump.fun/auth/my-profile
This endpoint requires authentication and returns your user profile information.

Check Admin Status

Determine if your account has admin privileges:
endpoint
string
GET https://frontend-api-v3.pump.fun/auth/is-admin

Check Super Admin Status

Determine if your account has super admin privileges:
endpoint
string
GET https://frontend-api-v3.pump.fun/auth/is-super-admin

Logout

Invalidate your current JWT token:
endpoint
string
POST https://frontend-api-v3.pump.fun/auth/logout
curl -X POST "https://frontend-api-v3.pump.fun/auth/logout" \
  -H "Authorization: Bearer <your_jwt_token>" \
  -H "Accept: application/json"

Best Practices

Never store JWT tokens in plain text or commit them to version control. Use environment variables or secure credential management systems.
JWT tokens may expire after a certain period. Implement logic to detect expired tokens (401 Unauthorized responses) and re-authenticate when necessary.
Always use HTTPS when making API requests to protect your JWT token from interception.
Only send tokens to legitimate Pump.fun API endpoints. Never share your token with third parties.
If you believe your JWT token has been compromised, immediately call the logout endpoint and obtain a new token through the login process.

Common Authentication Errors

Status CodeErrorDescription
401UnauthorizedMissing or invalid JWT token
403ForbiddenValid token but insufficient permissions
404Not FoundEndpoint does not exist
For more information on handling errors, see the Error Handling guide.

Build docs developers (and LLMs) love

Get started for freeTalk to us