Tools

SearchAPI.io

Multi-engine search results with the api_key injected for you

View as Markdown

Proxies SearchAPI.io’s search endpoint, injecting the secret api_key query parameter:

GET /searchapi   → https://www.searchapi.io/api/v1/search?api_key=<secret>&<your query>

GET only. Every control travels in the query string and is forwarded verbatim: engine (picks google, bing, google_maps, …), q, location, num, and so on. The gateway injects and defaults nothing beyond the key — your call behaves exactly as if it hit SearchAPI.io directly.

What the gateway injects and strips

SearchAPI.io accepts its key as either an api_key query parameter or an Authorization: Bearer token. The gateway injects the query param and drops the bearer, foreclosing both channels:

  • api_key is injected as the first query parameter, so a partially-encoded value can’t swallow it.
  • A client-supplied api_key query param is dropped (in any encoding), so the injected key can’t be overridden.
  • The Authorization header is stripped before forwarding — this also removes SearchAPI.io’s second auth channel.

Examples

$curl "$GATEWAY/searchapi?engine=google&q=coffee" \
>  -H "Authorization: Bearer $TOKEN"

The response is SearchAPI.io’s JSON, returned unchanged. For the full parameter set per engine, see SearchAPI.io’s documentation.