API System Under Maintenance

System is under maintenance. Please try again later.

Fast & Reliable

Server Intelligence
For Developers.

Integrate RedM & FiveM server data directly into your applications. One endpoint to fetch configuration, dynamic variables, and player lists.

Getting an API Key

To start using the API, you'll need a unique API key. This key identifies your application and tracks your usage limits.

  1. Log in to your account.
  2. Navigate to the Dashboard.
  3. Click the "Create New Key" button.
  4. Copy your key immediately.

Note: Keys are only shown once. If you lose it, you'll need to generate a new one. Banned or restricted accounts cannot create new keys.

Ready to start?

Get your key in seconds.

Go to Dashboard

Live System Status

Current Status

Checking...

Database

...

Cache (Redis)

...

Latency

...

Maintenance

...

Last updated: ---

Authentication

All API requests require an API key. You can generate a key in your dashboard. Keys are prefixed with csl_.

Option 1: HTTP Header (Recommended)

Header NameValue
x-api-keycsl_xxxxxxxxxxxxxxxxxxxxxxxx

Option 2: Query Parameter

?key=csl_xxxxxxxxxxxxxxxxxxxxxxxx

Immediate Revocation: Our API uses Redis-backed authentication. When a key is revoked or an account is banned, access is terminated instantly across all endpoints.

Rate Limiting

Requests are limited based on your plan. If you exceed the limit, you will receive a 429 Too Many Requests response.

Response Headers

  • X-RateLimit-LimitMax requests per minute
  • X-RateLimit-RemainingRequests left in window
  • X-RateLimit-ResetTime until reset (ms)

Plan Limits

  • Free10 req/min
  • Pro20 req/min
  • Advanced120 req/min
GET /api/lookup

Server Lookup

Retrieves aggregated data for a specific server. Handles resolving CFX Server IDs (xxxxxx) and direct IP:Port addresses.

Resolution rules

  • target accepts CFX ID, IP, Domain, or IP:Port
  • If no port is provided, tries 30120 and 30110 over HTTP and HTTPS
  • On connection timeout/unreachable, you may receive 504/502 responses
  • Privacy note: private CFX listings may redact player names via the API; direct IP can include full names if allowed by the server
GET
/api/lookup?target=xxxxxx

Request

HEADERS
x-api-keystring*Required
QUERY PARAMS
targetstring*Required

The server identifier. Can be a 6-character ID (e.g., abcdef) or an IP:Port.

Interactive Playground

GET /lookup?target=
x-api-key:
Running in demo mode (simulated response)
Status: 200
{
  "players": [
    {
      "name": "John Wayne",
      "id": 1,
      "ping": 45,
      "identifiers": [
        "steam:110000100005678",
        "license:1234567890abcdef1234567890abcdef",
        "discord:123456789012345678"
      ]
    },
    {
      "name": "Doc Holliday",
      "id": 2,
      "ping": 52,
      "identifiers": [
        "steam:110000100009876",
        "license:abcdef1234567890abcdef1234567890"
      ]
    }
  ],
  "server": {
    "hostname": "RedM Roleplay | Western | RP | Economy | Voice",
    "clients": 128,
    "sv_maxClients": 256,
    "gamename": "rdr3",
    "mapname": "redm-map-one",
    "resources": [
      "mapmanager",
      "chat",
      "spawnmanager",
      "sessionmanager",
      "basic-gamemode",
      "hardcap",
      "rconlog",
      "scoreboard",
      "playernames"
    ],
    "vars": {
      "locale": "en-US",
      "tags": "roleplay, western, economy, voice, serious",
      "sv_projectName": "RedM Roleplay",
      "sv_projectDesc": "The best immersive western experience!",
      "onesync_enabled": "true",
      "txAdmin-version": "4.15.0"
    },
    "version": "6683",
    "connectEnd": "192.168.1.1:30120",
    "icon": "iVBORw0KGgoAAAANSUhEUgAA..."
  }
}

Example Response

{
  "players": [
    { "endpoint": "1.2.3.4:30120", "id": 12, "name": "PlayerOne", "ping": 42 },
    { "endpoint": "1.2.3.4:30120", "id": 45, "name": "Developer", "ping": 10 }
  ],
  "server": {
    "hostname": "Official RedM RP Server",
    "mapname": "Saint Denis",
    "gametype": "Roleplay",
    "sv_maxClients": 128,
    "icon": "base64_data...",
    "vars": {
      "sv_projectName": "My Community",
      "tags": "rdr3, rp, serious",
      "banner_detail": "https://i.imgur.com/example.png"
    }
  }
}

Code Examples

Curl
curl -X GET "https://cfx-lookup.com/api/lookup?target=xxxxxx" \
  -H "x-api-key: csl_..."
Node.js
const res = await fetch("https://cfx-lookup.com/api/lookup?target=xxxxxx", {
  headers: { "x-api-key": "csl_..." }
});
const data = await res.json();
Python
import requests
headers = { "x-api-key": "csl_..." }
res = requests.get("https://.../api/lookup?target=xxxxxx", headers=headers)
data = res.json()

Handling Icons & Banners

Server icons are returned as Base64 strings, while banners are standard URLs. Here's how to display them.

Server Icon

The server.icon field contains the raw Base64 data. You must prepend the data URI scheme to display it.

// React / Next.js Example
<img 
  src={`data:image/png;base64,${data.server.icon}`} 
  alt="Server Icon" 
/>

Server Banner

Banners are found in server.vars.banner_detail or server.vars.banner_connecting.

// React / Next.js Example
<img 
  src={data.server.vars.banner_detail} 
  alt="Server Banner" 
/>

Error Codes

The API uses standard HTTP status codes to indicate the success or failure of requests.

CodeErrorDescription
200OKRequest was successful.
400Bad RequestInvalid request parameters (e.g., missing or malformed target).
401UnauthorizedMissing, invalid, or expired API key.
403ForbiddenAccess denied (e.g., user is banned).
429Too Many RequestsRate limit exceeded. Check X-RateLimit-* headers.
405Method Not AllowedOnly GET requests are supported for this endpoint.
500Internal ErrorSomething went wrong on our end.
502Bad GatewayTarget server is offline or unreachable.
503Service UnavailableAPI is currently under maintenance.
504Gateway TimeoutTarget server took too long to respond.

System Status

Monitor API health and maintenance status via our public status endpoint. No API key required.

GET/api/status
{ "status": "healthy", "maintenance": false, "services": { "database": "connected", "cache": "connected" }, "latency": "12ms" }

Secure & Private

API keys are securely hashed. We prioritize user privacy and data security.

Aggregated Data

We merge data from players.json, dynamic.json, and info.json into a single, clean response object.

Type-Safe

Consistent JSON structure regardless of the target server version or configuration.