Getting started with the public API

Create your developer account, generate your sk_live_ key and make your first call to the Sanctumel API in five minutes.

2026-07-05

The Sanctumel public API lets you display a church's public data on any website or application: profile, upcoming events, announcements and live status. It also gives access to the Bible in several languages. It is read-only, free, and used with a personal API key.

1. Create your developer account

  1. Open developers.sanctumel.com and click Get my API key.
  2. Choose the Create an account tab, fill in your name, email and password.
  3. Open the verification email you receive and confirm your address. This step is mandatory: it is impossible to create a key with an unverified address.

Note: the developer account is independent of a church account. You can be a developer without administering any church.

2. Generate your key

  1. Sign in on the My API keys page.
  2. Give your key a name (for example "Parish website") and click Create a key.
  3. Copy the key immediately. It starts with sk_live_ and will never be shown again: Sanctumel only keeps a cryptographic fingerprint of it, just like a password.

You can have up to 5 active keys at the same time (one per website or application, which is the best practice) and revoke each one at any time - revocation is immediate.

3. First call

All requests are made over HTTPS with your key in the Authorization header:

curl https://api.sanctumel.com/api/public/v1/churches/mon-eglise \
  -H "Authorization: Bearer sk_live_votre_cle"

The response is JSON:

{
  "slug": "mon-eglise",
  "name": "Mon Église",
  "city": "Bruxelles",
  "country": "BE",
  "language": "fr",
  "publicPage": "https://sanctumel.com/p/…"
}

Which churches are accessible?

Only those that have made their profile public. Each church decides its visibility in its Sanctumel settings; a non-public church returns 404 - the API does not even reveal its existence. The slug of a public church is visible in the address of its Sanctumel page.

Limits and errors

CodeMeaningWhat to do
401Key missing, invalid or revokedCheck the Authorization: Bearer sk_live_… header
404Church not found or profile not publicCheck the slug; the church must have chosen public visibility
405Method not allowedThe API is read-only: GET only
429Too many requestsLimit: 120 requests/minute per key - cache on your side

Security best practices

  • Never put the key in code visible to the browser (front-end JavaScript): call the API from your server and serve the result to your pages.
  • One key per use case: if a site is compromised, revoke its key without touching the others.
  • Cache the responses (events do not change every second): you will stay well below the rate limit.

Going further

Need help?
Quick answers and support in your language.
Help center