API Documentation

Everything you need to integrate Net Tools into your application.

Authentication

All API endpoints require authentication. You can authenticate using either a JWT access token or an API key.

API Key (recommended for server-to-server)

Pass your API key in the X-API-Key header.

curl -H "X-API-Key: ipt_your_key_here" \
  https://net-tools.gleny.dev/api/ip/8.8.8.8

JWT Bearer Token

Pass the access token from login in the Authorization header.

curl -H "Authorization: Bearer eyJhbGci..." \
  https://net-tools.gleny.dev/api/ip/8.8.8.8

Endpoints

GET/api/ip/{address}

Look up geolocation data for a specific IP address.

Response

{
  "ip": "8.8.8.8",
  "country": "United States",
  "countryCode": "US",
  "continent": "North America",
  "continentCode": "NA"
}

GET/api/ip/me

Look up geolocation data for the caller's IP address.

Response

Same format as above.

POST/api/auth/register

Create a new account.

Request Body

{
  "email": "[email protected]",
  "password": "minimum8chars"
}

Response

{
  "accessToken": "eyJhbG...",
  "refreshToken": "base64...",
  "expiresAt": "2026-02-28T18:00:00Z",
  "user": {
    "id": "guid",
    "email": "[email protected]",
    "tier": "Free"
  }
}

POST/api/auth/login

Same request/response format as register.

POST/api/auth/refresh

Refresh an expired access token.

Request Body

{ "refreshToken": "base64..." }

POST/api/keys

Create a new API key. Requires JWT auth.

Request Body

{ "name": "My App" }

Response

{
  "id": "guid",
  "name": "My App",
  "prefix": "ipt_abc12345",
  "key": "ipt_full_key_here",
  "createdAt": "2026-02-28T17:00:00Z"
}

⚠ The full key is only returned once at creation. Store it securely.

GET/api/keys

List all your API keys (prefix only, not full key).

DELETE/api/keys/{id}

Revoke an API key. This cannot be undone.

GET/api/usage

Get your current usage statistics.

Response

{
  "requestsToday": 12,
  "dailyLimit": 50,
  "requestsThisMinute": 2,
  "minuteLimit": 5,
  "tier": "Free"
}

GET/api/usage/history?limit=20

Get your recent IP lookup history.

Rate Limits

Rate limits are applied per user. When exceeded, the API returns 429 Too Many Requests.

Tier	Requests/Day	Requests/Minute
Free	50	5
Pro	10,000	60
Enterprise	100,000	300

Error Codes

Status	Meaning
400	Invalid request (e.g., bad IP format)
401	Missing or invalid authentication
404	IP not found in database
409	Conflict (e.g., email already registered)
429	Rate limit exceeded