Public API Test

Test The Response Before You Subscribe

This page uses the backend test endpoint at `POST /api/test`. It is public, accepts a valid TeraBox URL, and is limited to 3 test requests per day per IP.

Public test only

No API key is required here. The paid production endpoint uses signed authentication instead.

Same response model

The test endpoint is intended to show the response structure your client will parse in production.

Docs are public

Authentication, request signing, and client endpoint details are available in the integration guide.

Use this page to verify your link handling and response parsing. When you move to production, sign requests on your server with your API secret.

Test Interface

Enter a valid TeraBox file or folder URL to preview the live response. If it is a folder link, you can test lazy fetching by entering a specific folder path and page number below.

TeraBox URL

Example: https://terabox.com/s/1N7b0LRn8PbGhbwjhgTHI1A

Testing Folders? The backend fetches folders lazily. Use the fields below to navigate through subdirectories exactly like your client will in production.

Folder Path (Optional)

Page (Optional)

Production quick look

The paid endpoint is `POST /v1/api` with signed authentication.

import crypto from "node:crypto";

const baseUrl = "https://api.teraboxdl.site";
const apiKey = process.env.TERABOX_API_KEY!;
const apiSecret = process.env.TERABOX_API_SECRET!;
const body = JSON.stringify({
  url: "https://terabox.com/s/your-link",
  dir_path: "", // Optional: specific folder path
  page: 1, // Optional: page number
});

const timestamp = Math.floor(Date.now() / 1000).toString();
const signature = crypto
  .createHmac("sha256", apiSecret)
  .update(`POST/v1/api${timestamp}${body}`)
  .digest("hex");

const response = await fetch(`${baseUrl}/v1/api`, {
  method: "POST",
  headers: {
    "Content-Type": "application/json",
    "X-API-Key": apiKey,
    "X-Timestamp": timestamp,
    "X-Signature": signature,
  },
  body,
});

const data = await response.json();

What to implement in your client

These are the parts that matter when you move from testing to production.

1. Keep the API secret on your server and sign the exact JSON body you send.

2. Send `X-API-Key`, `X-Timestamp`, and `X-Signature` with the production request.

3. Use `direct_link` for file downloads and use video fields only when they are present.

4. Read the docs page for account, dashboard, analytics, history, and export endpoints.

Need A Higher Request Tier?

Review the plan tiers and choose the daily request allowance that fits your production traffic.