API Documentation
The EasyDebrid API allows you to integrate our debrid service into your applications. This quick start guide will help you get up and running quickly.
Full API Reference: For complete API documentation with all endpoints and schemas, visit our interactive API documentation.
Authentication
Option 1: Get API Key from Dashboard
The simplest way to get started is to retrieve your API key from your account dashboard:
- Log in to your account
- Navigate to your Dashboard
- Copy your API key from the "API Key" card
- Use this key in the Authorization header of your requests
Option 2: OAuth 2.0 with PKCE (Interactive Login)
For applications that want to provide an interactive login flow, use OAuth 2.0 with PKCE (Proof Key for Code Exchange). This allows users to authenticate directly within your app without manually copying their API key from the dashboard. The access token returned by this flow is the user's API key.
- Generate a code verifier and code challenge (PKCE)
- Direct users to
/oauth/authorizewith required parameters - User completes email verification
- Exchange the authorization code for an access token at
/oauth/token
Note: The client_id parameter is optional.
If provided, it will be validated against registered clients. If omitted, the authorization flow will proceed without client validation.
Step 1: Generate PKCE Parameters
Generate a code verifier and create the SHA256 challenge:
# Generate code verifier (43-128 chars, alphanumeric + -._~ only)
CODE_VERIFIER=$(openssl rand -base64 32 | tr -d "=+/" | cut -c1-43)
# Generate code challenge (base64url-encoded SHA256 hash of verifier)
CODE_CHALLENGE=$(echo -n $CODE_VERIFIER | openssl dgst -sha256 -binary | base64 | tr -d "=+/" | tr "/+" "_-")
# Generate state for CSRF protection (any random string)
STATE=$(openssl rand -hex 16)Note: The code verifier must be 43-128 characters long and use only unreserved characters (A-Z, a-z, 0-9, -, ., _, ~) as per the PKCE specification. The state parameter has no such requirements - any random value works.
Step 2: Authorization Request
Direct the user to the authorization URL (store the state and code_verifier for later use):
# Without client_id (optional)
https://beta.easydebrid.com/oauth/authorize?response_type=code&redirect_uri=https://yourapp.com/callback&scope=full&state=$STATE&code_challenge=$CODE_CHALLENGE&code_challenge_method=S256
# With client_id (validated against whitelist)
https://beta.easydebrid.com/oauth/authorize?response_type=code&client_id=YOUR_CLIENT_ID&redirect_uri=https://yourapp.com/callback&scope=full&state=$STATE&code_challenge=$CODE_CHALLENGE&code_challenge_method=S256
Important: The state parameter is used to prevent CSRF attacks.
Store the state value before redirecting the user, then verify it matches when the user is redirected back to your redirect_uri.
Step 3: Exchange Code for Token
After the user authorizes, exchange the code for an access token:
curl -X POST "https://beta.easydebrid.com/oauth/token" \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "code=AUTHORIZATION_CODE&code_verifier=$CODE_VERIFIER"Response
{
"token_type": "Bearer",
"expires_in": 315360000,
"access_token": "your_api_key_here",
"scope": "full"
}
Note: The access_token returned is the user's API key.
Use it in subsequent API requests just like the API key from the dashboard.
Note: All API requests must include authentication:
Authorization: Bearer YOUR_API_KEYAPI Base URL
https://beta.easydebrid.com/api/v1Example 1: Get Account Info
Retrieve information about your account, including your customer ID and premium expiry date.
Request
GET https://beta.easydebrid.com/api/v1/user/details
Authorization: Bearer YOUR_API_KEYcURL Example
curl -X GET "https://beta.easydebrid.com/api/v1/user/details" \
-H "Authorization: Bearer YOUR_API_KEY"Response
{
"id": "123123123",
"paid_until": "2026-10-01"
}Example 2: Check if Links are Cached
Check whether magnet links or torrent URLs are available in our cache.
Request
POST https://beta.easydebrid.com/api/v1/link/lookup
Authorization: Bearer YOUR_API_KEY
Content-Type: application/json
{
"urls": [
"magnet:?xt=urn:btih:dd8255ecdc7ca55fb0bbf81323d87062db1f6d1c&dn=Big+Buck+Bunny",
"magnet:?xt=urn:btih:018e50b58106b84a42c223ccf0494334f8d55958&dn=ubuntu-22.04.4"
]
}cURL Example
curl -X POST "https://beta.easydebrid.com/api/v1/link/lookup" \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"urls": [
"magnet:?xt=urn:btih:dd8255ecdc7ca55fb0bbf81323d87062db1f6d1c&dn=Big+Buck+Bunny"
]
}'Response
{
"cached": [
true,
false
]
}
The response array corresponds to the input URLs. true means the content is cached and ready for instant download.
Example 3: Generate Debrid Link
Convert a magnet link or torrent URL into direct download links.
Request
POST https://beta.easydebrid.com/api/v1/link/generate
Authorization: Bearer YOUR_API_KEY
Content-Type: application/json
{
"url": "magnet:?xt=urn:btih:dd8255ecdc7ca55fb0bbf81323d87062db1f6d1c&dn=Big+Buck+Bunny"
}cURL Example
curl -X POST "https://beta.easydebrid.com/api/v1/link/generate" \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"url": "magnet:?xt=urn:btih:dd8255ecdc7ca55fb0bbf81323d87062db1f6d1c&dn=Big+Buck+Bunny"
}'Response
{
"files": [
{
"filename": "Big Buck Bunny.mp4",
"directory": ["Videos", "Big Buck Bunny"],
"size": 276134947,
"url": "https://server.com/files/big-buck-bunny.mp4"
},
{
"filename": "poster.jpg",
"directory": ["Videos", "Big Buck Bunny"],
"size": 310380,
"url": "https://server.com/files/poster.jpg"
},
{
"filename": "Big Buck Bunny.en.srt",
"directory": ["Videos", "Big Buck Bunny"],
"size": 140,
"url": "https://server.com/files/subtitles.srt"
}
]
}Each file in the response contains a direct download URL that you can use immediately.
Next Steps
- Explore the full API documentation for all available endpoints
- Register your OAuth application in the Developer Center
- Need help? Contact our support team