WebQR API
branded QR generation from your server
One HTTP request — SVG in the response. The same design fields as the WebQR builder. No code storage on our side.
Key capabilities
Generation API
Generate static QR codes via API: send a string and an optional design object — get an SVG in milliseconds.
Design & Branding
Apply brand colors, module shapes, frames and logos — all through the design object.
No storage on WebQR
The API is stateless: there is no server-side library of your QR codes. Store SVG output and any labels in your own application.
Why developers choose WebQR API
Stateless REST, full design control, and predictable plan quotas.
SVG in milliseconds
POST /v1/generate accepts a data string and design object — the response includes ready SVG in data.qr_code for you to persist.
Design like the builder
Brand colors, module shapes, eyes, frames, and logo — the same fields you set visually in the dashboard.
Gradients and module styles
Gradient fill, rounded corners, transparent background — all via JSON without rendering on your side.
Stateless — no WebQR library
The API does not store payloads or issue permanent ids. SVG and metadata live in your infrastructure.
Transparent monthly quota
Each successful generation counts toward included_limit; GET /v1/usage shows counters without spending quota.
Keys, IP, and signing
X-API-Key from the dashboard, IP allowlists, and optional HMAC signing for production.
Included generations per month
Successful POST /v1/generate with SVG in the response = +1 to used_count. Quota resets at the start of each calendar month.
Starter
200
generations / month
Premium
5 000
generations / month
Business
25 000
generations / month
Need overage beyond the included quota — enable API billing in the dashboard. Details on Pricing
Three steps to your first QR
No SDK — plain HTTPS and JSON from any backend.
-
1
Create an API key
In the WebQR dashboard: one or more keys, IP restrictions, optional request signing.
-
2
Send POST /v1/generate
X-API-Key header and JSON with data and design. Response — SVG and usage block.
-
3
Store the SVG yourself
File, CDN, print, email — WebQR does not keep the result; you own ids and versions.
Authentication and hardening
Do not embed API keys in websites or mobile apps — proxy requests through your server.
Optional IP allow lists and HMAC request signatures (see cabinet documentation) help lock usage to trusted backends.
- Keep the secret on the server; clients talk to your HTTPS, not to WebQR with the key.
- Restrict each key to your server IPs (or fixed CDN egress).
- Optionally require HMAC signing per key in the cabinet.
API usage analytics
See the demo: free and paid generations, daily charts, and breakdown by API key — no registration.
Frequently asked questions
Included successful generations per calendar month by plan: 200 (Starter), 5000 (Premium), 25000 (Business). If you need more, please contact us.
Yes! You can generate QR codes with the API as well as manually in the main page generator.
Yes. Starter includes Static QR API access with 200 included successful generations per calendar month; Premium 5000; Business 25000 (allowances reset monthly). No separate API-only subscription; optional paid overage may apply.
The API returns JSON with the SVG in data.qr_code, the same content and design you sent (for traceability), and a usage object for quota bookkeeping. This flow is stateless: WebQR does not auto-save every call into your QR library or return a persisted id—you keep the SVG and any ids where you integrate. Anything you intentionally save via the WebQR generator or dashboard stays there under normal cabinet rules.