Resources used

"Without this we are nothing"


Why use Wolfible Moralis?

Moralis is a Life-Changing Ethereum SDK and Server Solution.

What is Moralis?

Think Firebase of crypto. Moralis provides managed backend for blockchain projects. Automatically syncing the balances of your users into the database, allowing you to set up on-chain alerts, watch smart contract events, build indexes, and so much more. All features are accessed through an easy-to-use SDK. All features Moralis provides are cross-chain by default 🤯.

What are Moralis Servers?

At the core of every dApp built with Moralis is a Moralis Server. Together with the Moralis SDK, it's what allows you to quickly create a dApp with user authentication and blockchain data such as user token balances, NFTs, transactions, and events.
Let's quickly summarize the different components of a Moralis Server that you will be using.


Here is where all of your data will be stored. For example, when a user signs in to your dApp using crypto wallet authentication, that wallet address will automatically be saved to your database together with any data you have configured, such as token balances, historical transactions, or events.
You can then use this data instantaneously in your dApp frontend.
You can read more under the sections: Moralis Server Database and User Authentication.

Cloud Code

If you need to execute backend code in your dApp, you can do so by using Moralis' Cloud Code feature. Maybe you need to do aggregation or filtering on data that requires computation on the backend. By using cloud code, you can write functions in JavaScript, which can then be triggered by either calling it from your dApp, when certain events happen or triggered by a scheduled job.
You can read more about this in the cloud code section.

The Moralis SDK

Moralis' SDK is how we tie all of this together. Our JavaScript SDK is how your dApp interacts with your Moralis Server. Using the SDK, you can authenticate users, either through username and password or through a crypto wallet like MetaMask You can also use the SDK to get and set user data to fetch balances, NFTs, events, or transactions.
You can read more about the SDK by clicking here.


Welcome to nginx!
Wolfible Pinata Cloud


Please be aware that IPFS is a public network! This means anything uploaded through Pinata will be accessible by anybody on the network.

Your API Keys

When you click "New API Key" you will be prompted to select permissions and the number of uses for the key you generate. Admin privileges, as you might expect, have access to all API endpoints. If you'd like to specify specific endpoints, you can do so by expanding the endpoint's parent route and toggling on the permission.
By default, all keys have unlimited use. However, if you'd like to limit the number of times a key can be used, you can do so by setting the Max Uses field.
By setting a Key Name, you will be able to easily identify the key and its purpose.
Any key can have its access revoked by clicking the Revoke button. Once a key has been revoked, it can no longer be utilized for any purpose.


When you generate your keys, you will see a modal with the Pinata API Key, Pinata API Secret, and the JWT.
Your "Pinata API Key" acts as your public key for our REST API, and your "Pinata Secret API Key" acts as the password for your public key. The JWT is an encoded mix of the two. Be sure to keep your secret key private!
For added customer security, these keys are encrypted on Pinata's side and will only ever be displayed once, so write them down. If you lose these values you'll need to revoke the key and create a new one.

Connecting to the API

The base URL for Pinata requests is:
You have two ways of connecting to the Pinata API:
  • Bearer Authentication
  • Custom Headers
To use the bearer authentication model, you will need the JWT that is generated when creating API keys. This token can be used as an Authorization header for all your API requests in the following format:
"Authorization": "Bearer YOUR_JWT"

Custom Headers

If not using bearer authentication, your API requests will need to include two headers:
pinata_api_key: (put your personal pinata api key here)
pinata_secret_api_key: (put your personal pinata secret api key here)
Once you have your API Keys, you're ready to roll!
Let's try connecting to the Pinata API via the data/testAuthentication endpoint (This endpoint requires an admin key to call).
Want to try out the API without building out all that crazy code surrounding a server? We recommend checking out Postman for easy API experimentation:

JavaScript with Axios example:

At Pinata, when it comes to interacting with an API through JavaScript, we're fans of the axios npm library:
All of our JavaScript examples will use axios, but feel free to use what you feel comfortable with!
const axios = require('axios');
export const testAuthentication = () => {
const url = ``;
return axios
.get(url, {
headers: {
pinata_api_key: 'your pinata api key',
pinata_secret_api_key: 'your pinata secret api key'
.then(function (response) {
//handle your response here
.catch(function (error) {
//handle error here
If you receive a message back from the API that says: "Congratulations! You are communicating with the Pinata API!", then you're authenticated!

We want your feedback!

Have a suggestion? Have a complaint? Confused about something in the documentation? Just want to say hi?
We want to make Pinata the best product available. That involves listening to our users and addressing their needs.