Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.xquik.com/llms.txt

Use this file to discover all available pages before exploring further.

The Xquik REST API v1 provides programmatic access to X data and automation. Endpoints are organized into these categories:

Monitors & Events

Create account and keyword monitors, retrieve events, manage webhooks

Draws & Extractions

Run giveaway draws, extract tweet data

X Data

User lookups, tweet search, trends, media downloads

X Write Actions

Post tweets, like, retweet, follow, DM, profile updates

Account & Billing

Account info, API keys, drafts, styles, subscriptions

Base URL

https://xquik.com/api/v1
All endpoints are served over HTTPS only. Plain HTTP requests receive a 301 redirect to HTTPS. Always use the full base URL.

OpenAPI spec

The full API specification is available as an OpenAPI 3.1 document: 
https://xquik.com/openapi.json
YAML is also available at: 
https://docs.xquik.com/openapi.yaml
Use these with any OpenAPI-compatible tool (Postman, Insomnia, Swagger UI) or to generate client libraries. The spec follows RFC 9727 service discovery conventions. API service discovery is published at: 
https://xquik.com/.well-known/api-catalog

Authentication

Pass your API key via the x-api-key header: 
x-api-key: xq_YOUR_KEY_HERE
Generate keys from your dashboard. See Authentication for full details on key format, dual auth endpoints, and security best practices.

Machine Payments Protocol

31 X-API endpoints also accept anonymous MPP payments. The server returns a 402 challenge; your client pays via Tempo (USDC) and retries with a payment credential. No API key needed. See the MPP overview for eligible endpoints and pricing.

First request

Copy-paste this to verify your API key works: 
curl -s https://xquik.com/api/v1/account \
  -H "x-api-key: xq_YOUR_KEY_HERE" | jq
Response: 
{
  "plan": "active",
  "monitorsAllowed": 9007199254740991,
  "monitorsUsed": 0,
  "monitorBilling": {
    "activeDailyEstimate": "0",
    "activeHourlyBurn": "0",
    "creditsPerActiveMonitorDay": "500",
    "creditsPerActiveMonitorHour": "21",
    "eventsIncluded": true,
    "instantCheckIntervalSeconds": 1,
    "unlimitedSlots": true
  },
  "creditInfo": {
    "balance": "140000",
    "lifetimePurchased": "140000",
    "lifetimeUsed": "0",
    "autoTopupEnabled": false,
    "autoTopupAmountDollars": 10,
    "autoTopupThreshold": "50000"
  }
}
Replace xq_YOUR_KEY_HERE with your actual API key from the dashboard. If you get 401, double-check that the header name is x-api-key (lowercase) and the key starts with xq_.

Integration readiness checklist

Run this checklist before connecting a production client, workflow builder, or agent to the API.
CheckVerifyFailure mode to handle
AuthenticationSend x-api-key on subscription endpoints or use the documented MPP flow on eligible X data endpoints.401 unauthenticated, 402 no_subscription, or an MPP 402 payment challenge.
Response contractDefault REST examples use the v1 shape. Send xquik-api-contract: 2026-04-29 only when your client expects snake_case, structured errors, has_more, and next_cursor.Field-name drift between generated clients, MCP calls, and hand-written REST code.
PaginationUse after with nextCursor on events, draws, extractions, and drafts. Use cursor with next_cursor on X data endpoints.Missing pages, duplicate records, or clients that decode opaque cursors.
BillingHandle 402 no_credits and 402 insufficient_credits. Estimate extraction cost before creating extraction jobs.Partial paid result pages, failed draws, or jobs blocked by credit balance.
Rate limitsRespect Retry-After. Read calls are 10 per 1s, write calls are 30 per 60s, and delete calls are 15 per 60s.Repeated 429 rate_limit_exceeded responses and avoidable retry storms.
Ambiguous writesTreat 202 x_write_unconfirmed as pending confirmation. Store writeActionId, call GET /x/write-actions/{id}, and do not retry-send while status is pending_confirmation.Duplicate tweets, repeated actions, or inconsistent operator handoff.

Rate limits

TierMethodsLimit
ReadGET, HEAD, OPTIONS10 per 1s
WritePOST, PUT, PATCH30 per 60s
DeleteDELETE15 per 60s
Exceeding limits returns 429 Too Many Requests with a Retry-After header. See the Rate Limits guide for backoff implementations in multiple languages.

Conventions

All IDs are returned as strings representing bigint values. Always treat IDs as opaque strings - never parse them as numbers:
{ "id": "123456789" }
All timestamps use ISO 8601 format in UTC. Store and compare timestamps as strings or parse them into proper date objects:
{ "createdAt": "2026-02-24T10:30:00.000Z" }
All errors return a JSON body with an error field containing a machine-readable error code:
{ "error": "error_code" }
Common errors:
StatusCodeMeaning
400invalid_inputRequest body failed validation
401unauthenticatedMissing or invalid API key
402no_subscriptionNo active subscription
402no_creditsNo credit balance
402insufficient_creditsInsufficient credits for this operation
404not_foundResource does not exist
429-Rate limited - retry with backoff
502x_api_unavailableRead service temporarily unavailable - retry
See Error Handling for the full error code list and handling strategies.
Events, draws, extractions, and drafts use cursor-based pagination. When more results exist, the response includes hasMore: true and a nextCursor value:
{
  "events": [],
  "hasMore": true,
  "nextCursor": "MjAyNi0wMi0yNFQxMDozMDowMC4wMDBa..."
}
Pass nextCursor as the after query parameter to fetch the next page:
curl "https://xquik.com/api/v1/events?after=MjAyNi0wMi0yNFQxMDozMDowMC4wMDBa..." \
 -H "x-api-key: xq_YOUR_KEY_HERE"
Cursors are opaque strings - do not decode or construct them manually. Monitors, webhooks, and API keys return up to 200 items without pagination.
v1 keeps the default response contract unchanged for existing clients. Send xquik-api-contract: 2026-04-29 to opt in to the normalized v1 response contract.
curl "https://xquik.com/api/v1/events" \
 -H "x-api-key: xq_YOUR_KEY_HERE" \
 -H "xquik-api-contract: 2026-04-29"
Opt-in responses use snake_case field names, Unix timestamps in seconds, structured error objects, has_more and next_cursor pagination fields, an object field on recognized resources, and prefixed IDs where available.
{
  "events": [],
  "has_more": true,
  "next_cursor": "MjAyNi0wMi0yNFQxMDozMDowMC4wMDBa..."
}
Legacy dependency failures that return 502 by default return 424 Failed Dependency in the opt-in contract:
{
  "error": {
    "type": "dependency_error",
    "code": "x_api_unavailable",
    "message": "Read service temporarily unavailable. Retry shortly."
  }
}

Event types

Monitor events

Used across monitors, webhooks, and events:
TypeDescription
tweet.newOriginal tweet posted by the monitored account or matching query
tweet.quoteQuote tweet posted by the monitored account or matching query
tweet.replyReply posted by the monitored account or matching query
tweet.retweetRetweet posted by the monitored account or matching query

Next steps

Error Handling

Handle errors gracefully with retries and fallbacks.

Rate Limits

Understand limits and implement backoff strategies.

Workflows

End-to-end examples: monitors, events, and webhooks.

X Data Endpoints

User lookups, tweet search, trends, and media downloads.

X Write Actions

Post tweets, like, retweet, follow, DM, and more.

Monitors

Track X accounts and receive real-time events.
Last modified on May 9, 2026