QR Code API
Create and repoint dynamic QR codes and read scan analytics straight from your own systems. QRLynx's REST API is available on the Business and Enterprise plans.
Select QR Code Type
A REST API for dynamic QR codes
The QRLynx API lets you create dynamic QR codes, change where they point, and read their scan analytics from your own applications, no dashboard required. Every code you create through the API is a real dynamic QR: print it once, repoint it anytime, and track it per scan.
The API is a REST/JSON interface authenticated with scoped, revocable API keys. It is available on the Business plan ($29/mo) and the Enterprise plan. Read the developer documentation for endpoints and curl examples, grab the OpenAPI 3.1 spec, or create an API key once you are on a Business plan.
What you can build
Automate dynamic QR codes end to end.
Create dynamic QR codes
POST a destination URL and get back a short link plus a print-ready QR you can render as SVG.
Repoint anytime
PATCH a code to change where it points, with no reprinting. The same physical QR keeps working.
Read scan analytics
GET a code to read its total and unique scan counts and last-scanned time programmatically.
Scoped, revocable keys
Issue read-only or read/write keys, see when each was last used, and revoke any of them instantly.
Server-rendered SVG
Every code returns a clean, scalable SVG you can drop straight into your own UI or print pipeline.
Built-in URL safety
API-created codes run the same multi-layer URL security scanning and plan limits as the dashboard.
How to use the QR Code API
From upgrade to first request in minutes.
Upgrade to Business
The API is included on the Business plan ($29/mo) and Enterprise. Upgrade from your billing page.
Create an API key
Go to Account then API Keys, create a key, and choose a read or read/write scope. Copy the secret, it is shown only once.
Make your first request
Send a POST to /api/v1/qr with your destination URL and an Authorization: Bearer header. You get back the short link and an SVG.
Automate and track
Repoint codes with PATCH, read scan counts with GET, and revoke keys whenever you need. See the developer docs for full examples.
Scope and security
The API is deliberately focused. Today it covers creating dynamic QR codes, repointing their destinations, reading their scan analytics, and rendering each code as an SVG. It is REST/JSON and does not include webhooks or native CRM connectors.
Security is inherited from the product, not bolted on: every destination submitted through the API runs the same URL security scanning as a code made in the dashboard, requests are rate-limited per key (with tighter limits on writes than reads), and each key is bound to your account's plan limits. Keys are stored only as a SHA-256 hash, are scoped to read or read/write, and can be revoked instantly.
QR Code API FAQs
Common questions from developers.
Which plans include the API?
The QRLynx REST API is available on the Business plan ($29/mo) and the Enterprise plan. It is not included on the free Starter, Starter+, or Pro plans.
How do I authenticate?
Each request sends an Authorization: Bearer qrl_live_... header with an API key you create in your account. Keys are stored only as a SHA-256 hash, and the full secret is shown once at creation and never again.
What can the API do?
You can create dynamic QR codes, repoint their destination URLs, read their scan analytics, and render each code as an SVG. Creating and revoking keys happens in your dashboard.
What scopes are available?
Keys are scoped qr:read (read codes and analytics) or qr:write (also create and repoint). A write key implies read. Choose the narrowest scope your integration needs.
Does the API support webhooks or CRM integrations?
Not yet. The current API is a REST/JSON interface for creating, repointing, and reading QR codes. Webhooks and native CRM connectors are not part of it today.
Are API-created codes safe?
Yes. Every destination submitted through the API runs the same multi-layer URL security scanning as the dashboard, and API keys are bound to your account's plan limits.
Is there a rate limit?
Yes. API requests are rate-limited per key, with tighter limits on writes than reads, to keep the platform fast and resistant to abuse.
How do I revoke a key?
Open Account then API Keys and revoke the key. Revocation takes effect on the next request; there is no cache to wait out.
What format does the API return?
JSON for code data and analytics, and image/svg+xml when you request a code's rendered SVG. Full request and response shapes are in the OpenAPI 3.1 spec.
Where are the full docs?
The developer documentation at /developers has authentication details, endpoint references, and copy-paste curl examples. The machine-readable spec lives at /api/v1/openapi.json.