live & operational
grok api v2.0.0
A powerful, authenticated API wrapper for Grok AI. Access advanced language models, image generation, and integrated tools through a simple REST interface.
api4.exploit.bot
authentication
Protected endpoints require an API key passed via the X-API-Key header.
api key authentication
header name
X-API-Key
default key
"eric"
required for
protected endpoints
base url
production
https://api4.exploit.bot
protocol
HTTPS (TLS 1.3)
backend port
5204
request headers
content-type
application/json
accept
application/json
x-api-key
your api key
quick start
Get started with the Grok API in seconds. Here's a simple example to make your first request.
curl
curl -X POST "https://api4.exploit.bot/ask" \ -H "Content-Type: application/json" \ -H "X-API-Key: eric" \ -d '{ "message": "What is the capital of France?", "model": "grok-3-auto" }'
protected endpoints
These endpoints require the X-API-Key header for authentication.
POST
/ask
Ask Grok a question and receive a complete response
🔒 auth required
▼
request parameters
| parameter | type | required | description |
|---|---|---|---|
| message | string | required | The message or question to send to Grok |
| model | string | optional | Model to use (default: grok-3-auto) |
| tools | object | optional | Tool configuration dictionary (see Tools section) |
response fields
status- Request status ("success" or "error")response- Complete text response from Grokstream_response- Array of response tokensimages- Generated images (if any), null otherwiseconversation_id- ID for continuing conversationparent_response_id- Response ID for threading
example response
json
{
"status": "success",
"response": "The capital of France is Paris.",
"stream_response": ["The", " capital", " of", " France", " is", " Paris", "."],
"images": null,
"conversation_id": "conv_abc123xyz",
"parent_response_id": "resp_def456uvw"
}
POST
/ask/stream
Stream response via Server-Sent Events (SSE)
🔒 auth required
▼
request parameters
| parameter | type | required | description |
|---|---|---|---|
| message | string | required | The message or question to send to Grok |
| model | string | optional | Model to use (default: grok-3-auto) |
| tools | object | optional | Tool configuration dictionary |
response format
Returns a Server-Sent Events stream. Each event contains a token or metadata.
sse stream
event: token data: "The" event: token data: " capital" event: token data: " of France is Paris." event: done data: {"conversation_id": "conv_abc123", "parent_response_id": "resp_xyz789"}
POST
/ask/continue
Continue an existing conversation with context
🔒 auth required
▼
request parameters
| parameter | type | required | description |
|---|---|---|---|
| message | string | required | Follow-up message |
| conversation_id | string | required | ID from previous response |
| parent_response_id | string | required | Response ID from previous message |
| model | string | optional | Model to use (default: grok-3-auto) |
| tools | object | optional | Tool configuration dictionary |
example request
json
{
"message": "What is its population?",
"conversation_id": "conv_abc123xyz",
"parent_response_id": "resp_def456uvw",
"model": "grok-3-auto"
}
POST
/generate/image
Generate images from text prompts using Grok's image model
🔒 auth required
▼
request parameters
| parameter | type | required | description |
|---|---|---|---|
| prompt | string | required | Text description of the image to generate |
| model | string | optional | Image model to use (default: grok-4.1) |
| count | integer | optional | Number of images to generate (1-4, default: 1) |
response fields
status- Request status ("success" or "error")prompt- The prompt that was usedimages- Array of generated image URLscount- Number of images generatedmodel- Model used for generation
example response
json
{
"status": "success",
"prompt": "A futuristic city at sunset",
"images": [
"https://grok.x.ai/images/gen_abc123.png",
"https://grok.x.ai/images/gen_def456.png"
],
"count": 2,
"model": "grok-4.1"
}
public endpoints
These endpoints are publicly accessible and do not require authentication.
GET
/models
List all available Grok models
🌐 public
▼
example response
json
{
"models": [
"grok-3",
"grok-3-auto",
"grok-3-fast",
"grok-4",
"grok-4.1",
// ... more models
],
"default": "grok-3-auto"
}
GET
/tools
List all available tools and their status
🌐 public
▼
response fields
tools- Array of available tool namesdescriptions- Object with tool descriptionsdefaults- Object with default enabled status
GET
/status
Get API service status and version information
🌐 public
▼
example response
json
{
"status": "operational",
"version": "2.0.0",
"uptime": 86400,
"authenticated": true
}
GET
/auth/status
Check current Grok authentication status
🌐 public
▼
example response
json
{
"authenticated": true,
"cookies_present": true,
"sso_valid": true,
"last_updated": "2025-12-01T10:30:00Z"
}
POST
/auth/cookies
Submit Grok authentication cookies
🌐 public
▼
request body
| parameter | type | required | description |
|---|---|---|---|
| sso | string | required | SSO JWT session token |
| sso-rw | string | recommended | SSO read-write token |
| cf_clearance | string | recommended | Cloudflare clearance cookie |
POST
/auth/test
Test API connection with current authentication
🌐 public
▼
response
Sends a simple test message to verify the API connection is working.
GET
/nginx-health
Health check endpoint for load balancers
🌐 public
▼
response
json
{
"status": "healthy"
}
GET
/docs
Interactive Swagger UI documentation
🌐 public
▼
description
Opens the auto-generated Swagger UI with interactive API testing capabilities. Open Swagger UI →
available models
Choose the right model for your use case. Each model has different capabilities and performance characteristics.
| model | description | best for |
|---|---|---|
| grok-3 | Standard Grok 3 model | General use |
| grok-3-auto DEFAULT | Adaptive mode - automatically adjusts to task complexity | Most tasks |
| grok-3-fast | Speed optimized version of Grok 3 | Quick responses |
| grok-3-mini-beta | Lightweight model for simpler tasks | Simple tasks |
| grok-3-mini-fast-beta | Ultra-fast lightweight model | Ultra-fast simple queries |
| grok-4 | Expert mode with enhanced reasoning | Complex problems |
| grok-4-fast | Fast version of Grok 4 | Fast expert responses |
| grok-4.1 | Latest and most capable model | Best quality |
| grok-4.1-fast | Fast version of Grok 4.1 | Fast high-quality |
| grok-4-mini-thinking-tahoe | Chain-of-thought reasoning model | Math, logic, reasoning |
| grok-code-fast-1 | Optimized for code generation and analysis | Coding tasks |
available tools
Grok can use these integrated tools to enhance responses with real-time data and capabilities.
| tool | api name | description | default |
|---|---|---|---|
| web_search | webSearch |
Search the internet for current information | ✓ enabled |
| browse_page | browsePage |
Read and extract content from web pages | ✓ enabled |
| code_interpreter | codeInterpreter |
Execute Python code for calculations and analysis | ✓ enabled |
| image_generation | imageGeneration |
Generate images from text descriptions | ✓ enabled |
| x_search | xSearch |
Search X (Twitter) for posts and trends | ✓ enabled |
| x_post_lookup | xPostLookup |
Look up specific X posts by ID or URL | ✓ enabled |
using tools in requests
You can enable or disable specific tools by passing a tools object in your request:
json
{
"message": "What's the latest news about AI?",
"model": "grok-3-auto",
"tools": {
"webSearch": true,
"browsePage": true,
"codeInterpreter": false,
"imageGeneration": false,
"xSearch": true,
"xPostLookup": false
}
}
code examples
Complete, working examples in multiple programming languages to get you started quickly.
basic request - POST /ask
curl
curl -X POST "https://api4.exploit.bot/ask" \ -H "Content-Type: application/json" \ -H "X-API-Key: eric" \ -d '{ "message": "Explain quantum computing in simple terms", "model": "grok-3-auto" }'
python
import requests url = "https://api4.exploit.bot/ask" headers = { "Content-Type": "application/json", "X-API-Key": "eric" } data = { "message": "Explain quantum computing in simple terms", "model": "grok-3-auto" } response = requests.post(url, headers=headers, json=data) result = response.json() print(result["response"])
javascript (fetch)
const response = await fetch("https://api4.exploit.bot/ask", { method: "POST", headers: { "Content-Type": "application/json", "X-API-Key": "eric" }, body: JSON.stringify({ message: "Explain quantum computing in simple terms", model: "grok-3-auto" }) }); const result = await response.json(); console.log(result.response);
node.js (axios)
const axios = require('axios'); async function askGrok() { const response = await axios.post( 'https://api4.exploit.bot/ask', { message: 'Explain quantum computing in simple terms', model: 'grok-3-auto' }, { headers: { 'Content-Type': 'application/json', 'X-API-Key': 'eric' } } ); console.log(response.data.response); } askGrok();
streaming response - POST /ask/stream
curl
curl -X POST "https://api4.exploit.bot/ask/stream" \ -H "Content-Type: application/json" \ -H "X-API-Key: eric" \ -H "Accept: text/event-stream" \ -N \ -d '{ "message": "Write a haiku about programming", "model": "grok-3-auto" }'
python (sseclient)
import requests import sseclient url = "https://api4.exploit.bot/ask/stream" headers = { "Content-Type": "application/json", "X-API-Key": "eric", "Accept": "text/event-stream" } data = { "message": "Write a haiku about programming", "model": "grok-3-auto" } response = requests.post(url, headers=headers, json=data, stream=True) client = sseclient.SSEClient(response) for event in client.events(): if event.event == "token": print(event.data, end="", flush=True) elif event.event == "done": print("\n\nStream complete!")
javascript (eventsource)
const response = await fetch("https://api4.exploit.bot/ask/stream", { method: "POST", headers: { "Content-Type": "application/json", "X-API-Key": "eric" }, body: JSON.stringify({ message: "Write a haiku about programming", model: "grok-3-auto" }) }); const reader = response.body.getReader(); const decoder = new TextDecoder(); while (true) { const { done, value } = await reader.read(); if (done) break; console.log(decoder.decode(value)); }
continue conversation - POST /ask/continue
python
import requests API_URL = "https://api4.exploit.bot" headers = { "Content-Type": "application/json", "X-API-Key": "eric" } # First message response1 = requests.post( f"{API_URL}/ask", headers=headers, json={"message": "What is the capital of France?"} ).json() print(f"First response: {response1['response']}") # Continue the conversation response2 = requests.post( f"{API_URL}/ask/continue", headers=headers, json={ "message": "What is its population?", "conversation_id": response1["conversation_id"], "parent_response_id": response1["parent_response_id"] } ).json() print(f"Follow-up response: {response2['response']}")
javascript
const API_URL = "https://api4.exploit.bot"; const headers = { "Content-Type": "application/json", "X-API-Key": "eric" }; // First message const response1 = await fetch(`${API_URL}/ask`, { method: "POST", headers, body: JSON.stringify({ message: "What is the capital of France?" }) }).then(r => r.json()); console.log("First response:", response1.response); // Continue the conversation const response2 = await fetch(`${API_URL}/ask/continue`, { method: "POST", headers, body: JSON.stringify({ message: "What is its population?", conversation_id: response1.conversation_id, parent_response_id: response1.parent_response_id }) }).then(r => r.json()); console.log("Follow-up response:", response2.response);
image generation - POST /generate/image
curl
curl -X POST "https://api4.exploit.bot/generate/image" \ -H "Content-Type: application/json" \ -H "X-API-Key: eric" \ -d '{ "prompt": "A futuristic city with flying cars at sunset", "model": "grok-4.1", "count": 2 }'
python
import requests url = "https://api4.exploit.bot/generate/image" headers = { "Content-Type": "application/json", "X-API-Key": "eric" } data = { "prompt": "A futuristic city with flying cars at sunset", "model": "grok-4.1", "count": 2 } response = requests.post(url, headers=headers, json=data) result = response.json() for i, image_url in enumerate(result["images"]): print(f"Image {i+1}: {image_url}")
javascript
const response = await fetch("https://api4.exploit.bot/generate/image", { method: "POST", headers: { "Content-Type": "application/json", "X-API-Key": "eric" }, body: JSON.stringify({ prompt: "A futuristic city with flying cars at sunset", model: "grok-4.1", count: 2 }) }); const result = await response.json(); result.images.forEach((url, i) => { console.log(`Image ${i + 1}: ${url}`); });
error handling
Understanding error codes and how to handle them properly in your application.
400
Bad Request
The request body is malformed or missing required fields.
Solution: Check that all required parameters are included and properly formatted as JSON.
401
Unauthorized
Missing or invalid API key in the X-API-Key header.
Solution: Ensure you're including the
X-API-Key header with a valid API key.
403
Forbidden
Request rejected by anti-bot rules or Cloudflare protection.
Solution: Refresh Grok authentication cookies via /auth.html. Cookies may have expired.
404
Not Found
The requested endpoint or resource does not exist.
Solution: Verify the endpoint URL and check the API documentation.
422
Validation Error
Request parameters failed validation.
Solution: Check the error response for details about which field failed validation.
429
Too Many Requests
Rate limit exceeded.
Solution: Implement exponential backoff and retry logic. Wait before making additional requests.
500
Internal Server Error
An unexpected error occurred on the server.
Solution: Retry the request. If the problem persists, check server logs or contact support.
503
Service Unavailable
The Grok service is temporarily unavailable.
Solution: Wait and retry. The upstream Grok service may be experiencing issues.
error response format
json
{
"status": "error",
"error": "Detailed error message",
"code": 401,
"details": {
"field": "X-API-Key",
"issue": "Missing or invalid"
}
}
response format
All API responses follow a consistent JSON structure for easy parsing and error handling.
success response - /ask
json
{
"status": "success",
"response": "Paris is the capital of France. It is known as the 'City of Light' and is famous for the Eiffel Tower, the Louvre Museum, and its rich cultural heritage.",
"stream_response": [
"Paris",
" is",
" the",
" capital",
" of",
" France",
".",
// ... more tokens
],
"images": null,
"conversation_id": "conv_1234567890abcdef",
"parent_response_id": "resp_abcdef1234567890"
}
success response - /generate/image
json
{
"status": "success",
"prompt": "A futuristic city with flying cars at sunset",
"images": [
"https://grok.x.ai/images/generated/img_abc123.png",
"https://grok.x.ai/images/generated/img_def456.png"
],
"count": 2,
"model": "grok-4.1"
}
response with images (from /ask with image generation)
json
{
"status": "success",
"response": "I've created an image of a sunset over mountains for you.",
"stream_response": ["I've", " created", " an", " image", ...],
"images": [
{
"url": "https://grok.x.ai/images/generated/sunset_mountains.png",
"prompt": "A beautiful sunset over snow-capped mountains"
}
],
"conversation_id": "conv_xyz789",
"parent_response_id": "resp_uvw456"
}