Skip to main content

Overview

Proper HTTP headers are essential for successful API requests to the Pump.fun API. This guide covers all required and recommended headers to ensure your requests are processed correctly.

Required Headers

Authorization

The Authorization header is required for authenticated endpoints and recommended for all requests.
Authorization
string
required
Bearer token for JWT authentication
Authorization: Bearer <your_jwt_token>
Most API endpoints require authentication. Include this header with all requests to ensure complete data retrieval and avoid access issues.

Accept

The Accept header tells the API what content type you expect in the response.
Accept
string
required
Expected response content type
Accept: application/json
You can also use: 
Accept: */*
Both formats are accepted by the API.

Origin

The Origin header indicates the origin of the request. This is required for CORS compliance.
Origin
string
required
Origin domain of the request
Origin: https://pump.fun
The API validates the Origin header for security. Always use https://pump.fun as the origin value.

Content-Type

For POST, PUT, and PATCH requests that include a request body, the Content-Type header is required.
Content-Type
string
required
Format of the request body
Content-Type: application/json

Optional Headers

If-None-Match

Use this header for efficient caching. Include the ETag value from a previous response to check if content has changed.
If-None-Match
string
ETag value from previous response
If-None-Match: W/"etag-value"
If the content hasn’t changed, the API returns a 304 Not Modified response, saving bandwidth. See the Caching guide for more details.

Example Requests

GET Request

curl -X GET "https://frontend-api-v3.pump.fun/coins/{mint}" \
  -H "Authorization: Bearer <your_jwt_token>" \
  -H "Accept: application/json" \
  -H "Origin: https://pump.fun"

POST Request

curl -X POST "https://frontend-api-v3.pump.fun/auth/login" \
  -H "Authorization: Bearer <your_jwt_token>" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -H "Origin: https://pump.fun" \
  -d '{"key": "value"}'

Request with Caching

curl -X GET "https://frontend-api-v3.pump.fun/coins/{mint}" \
  -H "Authorization: Bearer <your_jwt_token>" \
  -H "Accept: application/json" \
  -H "Origin: https://pump.fun" \
  -H "If-None-Match: W/\"abc123\""

Header Quick Reference

HeaderValueRequiredUse Case
AuthorizationBearer <JWT>YesAuthentication for all protected endpoints
Acceptapplication/json or */*YesSpecify expected response format
Originhttps://pump.funYesCORS compliance
Content-Typeapplication/jsonFor POST/PUT/PATCHSpecify request body format
If-None-MatchW/"etag-value"OptionalEnable response caching

Best Practices

Even if an endpoint doesn’t strictly require authentication, including the Authorization header ensures you receive complete data and avoid potential access restrictions.
For requests with a JSON body, always set Content-Type: application/json. Mismatched content types may result in 400 Bad Request errors.
Implement the If-None-Match header with ETag values to reduce bandwidth and improve performance. The API will return 304 responses when content hasn’t changed.
Always use https://pump.fun as the Origin header value. Other origins may be rejected by CORS policies.

Common Header Errors

IssueCauseSolution
401 UnauthorizedMissing or invalid Authorization headerInclude valid JWT token in Authorization header
400 Bad RequestMissing Content-Type on POST/PUTAdd Content-Type: application/json header
403 ForbiddenInvalid Origin headerUse Origin: https://pump.fun
For more information, see the Authentication and Error Handling guides.

Build docs developers (and LLMs) love

Get started for freeTalk to us