Authentication

Helius API uses API keys to authenticate requests. Every API request must include your API key to verify your identity and permissions.
Your API key is sensitive information that grants access to your Helius account. Never expose it in client-side code, public repositories, or browser-accessible areas.

Getting Started

1. Create Your API Key

1

Sign up or log in

Create an account on the Helius Dashboard or log in to your existing account.
2

Navigate to API Keys

Go to the API Keys section in your dashboard sidebar.
3

Generate a new key

Click Create New API Key and provide a descriptive name for your project (e.g., “Production App”, “Development Environment”).
4

Copy and secure your key

Copy your API key immediately and store it securely. You won’t be able to see it again once you navigate away.

2. Using Your API Key

Include your API key as a query parameter in all requests: 
curl "https://mainnet.helius-rpc.com/?api-key=YOUR_API_KEY" \
  -X POST \
  -H "Content-Type: application/json" \
  -d '{"jsonrpc":"2.0","id":1,"method":"getAccountInfo","params":["ACCOUNT_ADDRESS"]}'

Security Best Practices

Environment Variables

Store your API key in environment variables, not in your source code.
export HELIUS_API_KEY="your-api-key-here"

IP Restrictions

Set up IP restrictions for your API keys in the dashboard to limit access to specific IP addresses or ranges.

Separate Keys

Use different API keys for development, staging, and production environments to isolate usage and improve security.

Monitor Usage

Regularly check your API usage in the dashboard to detect unusual patterns or potential security issues.

Secret Management

// Use environment variables
const apiKey = process.env.HELIUS_API_KEY;

// Or use a secrets manager
const { SecretManagerServiceClient } = require('@google-cloud/secret-manager');
const client = new SecretManagerServiceClient();

async function getApiKey() {
  const [version] = await client.accessSecretVersion({
    name: 'projects/PROJECT_ID/secrets/helius-api-key/versions/latest',
  });
  return version.payload.data.toString();
}

Rate Limits & Usage

Rate limits vary by subscription plan. Monitor your usage in the Helius Dashboard to ensure you stay within your allocated limits.

Understanding Rate Limits

  • Requests per second: Based on your subscription tier
  • Monthly request quota: Total requests allowed per billing cycle
  • Burst allowance: Short-term spikes above your base rate limit

Rate Limit Headers

Helius includes rate limit information in response headers: 
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 95
X-RateLimit-Reset: 1640995200

Handling Rate Limits

async function makeRequest(url, data) {
  try {
    const response = await fetch(url, {
      method: 'POST',
      headers: { 'Content-Type': 'application/json' },
      body: JSON.stringify(data)
    });
    
    if (response.status === 429) {
      const retryAfter = response.headers.get('Retry-After');
      console.log(`Rate limited. Retry after ${retryAfter} seconds`);
      await new Promise(resolve => setTimeout(resolve, retryAfter * 1000));
      return makeRequest(url, data); // Retry
    }
    
    return response.json();
  } catch (error) {
    console.error('Request failed:', error);
    throw error;
  }
}

Troubleshooting

Next Steps

Quickstart Guide

Start making your first API calls with Helius

API Reference

Explore all available endpoints and methods

Rate Limits & Billing

Understand pricing and upgrade options

Dashboard

Monitor your API usage and manage keys

Support

Need help with authentication or have questions about API keys?

Discord Community

Join our Discord for real-time help and community support

Email Support

Contact our support team directly