Integrate The TeraboxDL API
This guide documents the public plans endpoint, the free test endpoint, the signed production endpoint, and the client account and usage endpoints available after subscription.
Base URL
https://api.teraboxdl.site
Production auth
`POST /v1/api` requires `X-API-Key`, `X-Timestamp`, and `X-Signature`.
Client tools
Usage, history, export, dashboard, and account endpoints authenticate with `X-API-Key`.
Quick Start
1. Test the response
2. Sign production requests
3. Use returned URLs as-is
Public Endpoints
GET /api/plans
Public
POST /api/test
Public, 3 per day per IP
{ "url": "https://terabox.com/..." } and returns a live sample response for preview purposes.POST /v1/api
Paid, signed production endpoint
{ "url": "https://terabox.com/..." } and returns the production extraction response.Authentication For `POST /v1/api`
Required headers:
Content-Type: application/json X-API-Key: your_api_key X-Timestamp: unix_timestamp_in_seconds X-Signature: hmac_sha256_signature
Signature formula:
signature = HMAC_SHA256(api_secret, METHOD + PATH + TIMESTAMP + BODY)
Use the exact request body string in both places:
POST + /v1/api + 1744212345 + {"url":"https://terabox.com/s/your-link"}`X-Timestamp` must be a Unix timestamp in seconds and should be close to server time. Requests with missing, invalid, or expired timestamps will be rejected.
Node.js example
import crypto from "node:crypto";
const baseUrl = "https://api.teraboxdl.site";
const apiKey = process.env.TERABOX_API_KEY!;
const apiSecret = process.env.TERABOX_API_SECRET!;
const body = JSON.stringify({
url: "https://terabox.com/s/your-link",
});
const timestamp = Math.floor(Date.now() / 1000).toString();
const signature = crypto
.createHmac("sha256", apiSecret)
.update(`POST/v1/api${timestamp}${body}`)
.digest("hex");
const response = await fetch(`${baseUrl}/v1/api`, {
method: "POST",
headers: {
"Content-Type": "application/json",
"X-API-Key": apiKey,
"X-Timestamp": timestamp,
"X-Signature": signature,
},
body,
});
const data = await response.json();
console.log(data);Python example
import json
import time
import hmac
import hashlib
import requests
BASE_URL = "https://api.teraboxdl.site"
API_KEY = "your_api_key"
API_SECRET = "your_api_secret"
payload = {
"url": "https://terabox.com/s/your-link"
}
body = json.dumps(payload, separators=(",", ":"))
timestamp = str(int(time.time()))
message = f"POST/v1/api{timestamp}{body}"
signature = hmac.new(
API_SECRET.encode("utf-8"),
message.encode("utf-8"),
hashlib.sha256,
).hexdigest()
response = requests.post(
f"{BASE_URL}/v1/api",
headers={
"Content-Type": "application/json",
"X-API-Key": API_KEY,
"X-Timestamp": timestamp,
"X-Signature": signature,
},
data=body,
timeout=40,
)
print(response.json())Response Shape
A successful production response returns `errno: 0` and a `list` of extracted files. Folder links are expanded so your client can iterate over file items directly.
{
"errno": 0,
"request_id": 1744212345678900,
"server_time": 1744212345,
"list": [
{
"fs_id": 123456789,
"server_filename": "sample-video.mp4",
"size": 104857600,
"formatted_size": "100.00 MB",
"direct_link": "https://...",
"stream_url": "https://...",
"stream_download_url": "https://...",
"thumbs": {
"url1": "https://...",
"url2": "https://...",
"url3": "https://...",
"icon": "https://..."
}
}
],
"share_id": 123456,
"uk": 987654,
"title": "Terabox Download",
"total_size_bytes": 104857600,
"total_size": "100.00 MB"
}Top-level fields
`request_id`, `server_time`, `share_id`, `uk`, `title`, `total_size_bytes`, and `total_size` help you track and summarize the response.
File items
Each item can include `server_filename`, `size`, `formatted_size`, `direct_link`, and thumbnail data. Video items may also include `stream_url` and `stream_download_url`.
Client Endpoints After Subscription
These endpoints authenticate with `X-API-Key`. They do not require request signing.
