Authentication

Every Solami endpoint requires an API key. You create keys in the Dashboard and pass them with each request.

Key types

Each key type is scoped to a specific service. Using the wrong key type for an endpoint returns a 403 error.

RPC Key
gRPC Key
SWQoS Key

An RPC Key authenticates requests to the JSON-RPC endpoint and WebSocket endpoint.

Endpoint	URL
RPC	`https://rpc.solami.fast/sol?api_key=YOUR_KEY`
WebSocket	`wss://rpc.solami.fast/ws/sol?api_key=YOUR_KEY`

Use an RPC Key for all standard Solana JSON-RPC methods: fetching accounts, checking balances, sending transactions, and subscribing to account or program updates over WebSocket.See Solana RPC and WebSocket for endpoint details.

A gRPC Key authenticates connections to the Yellowstone gRPC streaming endpoint.

Endpoint	URL
gRPC	`https://grpc.solami.fast?api_key=YOUR_KEY`

Use a gRPC Key to subscribe to real-time streams for accounts, transactions, blocks, and slots with low latency.See gRPC Streams for subscription options.

A SWQoS Key enables stake-weighted quality of service for transaction landing. Pass it alongside your RPC Key when using priority transaction submission.

Endpoint	URL
SWQoS	`https://rpc.solami.fast/sol?api_key=YOUR_SWQOS_KEY`

SWQoS routes your transactions through staked validators, giving them priority over unstaked traffic and improving landing rates during congestion.See SWQoS and Sending Transactions for full usage details.

Passing your API key

You can pass your API key in two ways.

Query parameter

Append api_key to the request URL. This is the simplest method and works for all clients.

curl "https://rpc.solami.fast/sol?api_key=YOUR_API_KEY" \
  -X POST \
  -H "Content-Type: application/json" \
  -d '{"jsonrpc":"2.0","id":1,"method":"getSlot"}'

Authorization header

Pass the key in the Authorization header using the Bearer scheme. This keeps the key out of URLs and server logs.

curl "https://rpc.solami.fast/sol" \
  -X POST \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"jsonrpc":"2.0","id":1,"method":"getSlot"}'

For server-side code, store your key in an environment variable and read it at runtime. Never hardcode API keys in source files or commit them to version control.

export SOLAMI_API_KEY=your_key_here

The Rust SDK reads SOLAMI_API_KEY automatically via solami::from_env().

Rate limits

Rate limits are applied per API key, measured in requests per second (RPS).

Plan	RPS	`sendTransaction` / s
Free	5	1
Dev	50	5
Pro	200	20
Ultra	500	50
Shared Metal	2000	200

HTTP 429 — rate limit exceeded

When you exceed your plan’s RPS limit, the API returns an HTTP 429 Too Many Requests response.

{
  "error": {
    "code": 429,
    "message": "Rate limit exceeded. Slow down your request rate or upgrade your plan."
  }
}

If you’re hitting 429 frequently, you have two options:

Implement retry logic — back off and retry after a short delay.
Upgrade your plan — move to a higher tier for a larger RPS allowance.

Sustained bursts that far exceed your limit may result in temporary key suspension. Add exponential backoff to your retry logic to avoid this.

See Plans for a full comparison of rate limits and features across tiers.

Managing keys

Create, rotate, and revoke API keys from Dashboard → API Keys. For step-by-step instructions, see the API Keys guide.

Rotating a key immediately invalidates the old one. Update any services using the old key before rotating.

​Key types

​Passing your API key

​Query parameter

​Authorization header

​Rate limits

​HTTP 429 — rate limit exceeded

​Managing keys

Key types

Passing your API key

Query parameter

Authorization header

Rate limits

HTTP 429 — rate limit exceeded

Managing keys