TikTok API Pricing: Full Breakdown for 2026

TikTok API pricing in 2026 is free. TikTok publishes no paid tier, no per-call fee, and no subscription anywhere on the developer portal for the Content Posting API, the Display API, the Research API, or the Marketing API.

I’ve been shipping on social media APIs for years, and TikTok is the platform where “free” hides the most calendar time. Instagram’s API is also free but the friction lives in Meta App Review. Threads is free too, with most of that friction trimmed. TikTok sits in between, with a sandbox mode that lets you build immediately and a separate audit gate that decides whether your app can post publicly or only inside the sandbox.

This guide covers what the TikTok API costs in 2026, the sandbox-to-production audit that catches most builders, the 6 requests per minute posting cap, the 24-hour access token plus 365-day refresh token lifecycle, the scraper market that fills in the gaps the official API does not, and when a wrapper makes more sense than wiring TikTok’s auth flow yourself.

TikTok API Pricing at a Glance (2026)

Access path	Cost	Best for	Key friction
TikTok Content Posting API	No paid tier or per-call fee published	Direct posting and uploads to your own or audited users’ TikTok accounts	Sandbox-only posts are forced private until app passes audit, 6 req/min per user, URL-prefix verification for PULL_FROM_URL
TikTok Display API	No paid tier or per-call fee published	Reading public user info, video lists, and video metadata	600 req/min per endpoint, production access still requires audit
TikTok Research API	No paid tier or per-call fee published	Academic and non-profit research on public TikTok data	Eligibility limited to qualifying universities and non-profits, ~4 week review, 1,000 req/day default
TikTok Marketing / Business API	API access is free, ad spend separate	Programmatic ad campaign management, audiences, reporting	TikTok for Business account, app approval, no read access to public content
TikAPI (unofficial wrapper)	Starter $29/mo (300 req/day), Pro $79/mo (2,000 req/day), Business $189/mo, 5-day free trial	Read scraping with some posting in regions where TikAPI supports it	Unofficial, no Meta-style SLA, scraping ToS risk
TikHub	Pay-as-you-go from $0.001 per request	Mixed read endpoints across 16 platforms including TikTok, Instagram, and YouTube	Pay-per-request budgeting, unofficial endpoint
EnsembleData TikTok endpoints	Free 50 units/day, then $100/mo Wood up to ~$1,400/mo Platinum, Diamond custom	Bulk public-data extraction at predictable monthly cost	Read-only, units consume at 1-10 per call
Apify (clockworks/tiktok-scraper)	$1.70 per 1,000 results, pay-per-event, free trial	Ad-hoc scraping jobs with no monthly commitment	Read-only, no posting, scraping ToS risk
Blotato unified API	Starter $29/mo, Creator $97/mo, Agency $499/mo	Posting TikTok + 8 other platforms from one endpoint	API access on paid plans only, generating a key ends the free trial

The honest answer is that every official TikTok API is free in dollar terms. The catch is that production posting requires passing TikTok’s app audit, the Research API is closed to commercial users, and the per-user posting limit is 6 requests per minute, which is generous for one creator and tight for a tool that posts on behalf of many users.

For teams that just need to publish to TikTok (and eight other platforms) without writing the OAuth flow or running the audit themselves, Blotato wires the whole posting layer up behind one endpoint and removes the audit step from the critical path. The dashboard has a 7-day free trial. The Blotato API runs on paid plans starting at $29/month.

Dashboard trial: 7 days, no credit card · API access: paid plans only

What Changed in 2026

Four things shifted on the TikTok developer surface in the past twelve months.

The first is photo posting on the Content Posting API. The endpoint that used to accept only MP4 videos now accepts photo carousels alongside video uploads, which closes a gap that previously pushed image-heavy tools to scrape instead of publish.

The second is sandbox mode becoming the standard pre-audit testing path. Up to five sandboxes per app, each shareable with up to ten TikTok accounts, no review required. The trade-off is that any content posted from a non-audited client is forced to private visibility regardless of what the user picked in the OAuth consent screen.

The third is the European Commission’s October 2025 preliminary finding that TikTok was in breach of Digital Services Act Article 40 researcher data-access obligations, alongside Meta. The Commission’s new delegated act on data access for vetted researchers came into force on October 29, 2025. None of this changes the official TikTok Research API’s eligibility rules, but it adds a separate EU pathway for academic researchers that did not exist a year ago.

The fourth is the unofficial wrapper market splitting in two. TikAPI moved to a balance-and-bundle pricing model with public Starter, Pro, and Business tiers at $29, $79, and $189 per month. TikHub launched a pay-as-you-go model at $0.001 per request that competes with EnsembleData’s monthly Wood-through-Platinum tiers ($100 to $1,400). Both target the read-and-scrape use case the official API cannot serve at volume.

TikTok API Pricing, in Plain English

Each access path, in dev-to-dev terms.

Content Posting API (no published paid tier)

The Content Posting API is TikTok’s official path for programmatic uploads and direct posts. There is no monthly subscription, no per-call fee, and no paid quota-increase product anywhere on the Content Posting API product page.

The catch is two-fold. First, the scope you request matters: video.publish for direct posts that go straight live, video.upload for uploads that drop into the user’s TikTok inbox for manual confirmation. The Direct Post path is the one most builders want, and it is the path that requires app audit. Second, for the PULL_FROM_URL transfer method, your media must live on an HTTPS URL whose prefix you have verified via DNS TXT record or file upload. No redirects.

Once your app is approved, it can act on any user who completes the OAuth flow, subject to the rate-limit math below and the 24-hour daily caps.

Display API (read public data, login kit)

The Display API serves the read side: user info, video list, and video query. The rate limit is 600 requests per minute per endpoint, counted in a one-minute sliding window, per the official rate-limit doc. Returns HTTP 429 with rate_limit_exceeded if you push past it. Free at the dollar level, audit-gated for production at the access level.

Research API (academic and non-profit only)

The Research API is free, with a 1,000 requests per day default and up to 100,000 records per day. Followers and Following endpoints have their own 20,000 requests per day allowance, up to 2 million records per day. Eligibility is limited to qualifying academic institutions in the US, EEA, UK, and Switzerland, EU-registered non-profits, and Brazilian academic or non-profit researchers studying youth safety. Commercial users, creators, and advertisers are explicitly ineligible. Approval typically takes about four weeks.

Marketing / Business API (you pay ads, not API access)

The TikTok for Business API at business-api.tiktok.com is free at the endpoint level. You pay for ad spend on the TikTok Ads platform itself. Access requires a TikTok for Business account and an approved developer app, but no per-call charge.

Third-party wrappers (TikAPI, TikHub, EnsembleData)

These vendors fill in the use cases the official APIs cannot serve at volume, mostly read-side scraping. Four to know:

Vendor	Pricing	Notes
TikAPI	Starter $29/mo (300 req/day), Pro $79/mo (2,000 req/day), Business $189/mo	5-day free trial
TikHub	Pay-as-you-go from $0.001 per request	Covers 16 platforms including TikTok, Instagram, YouTube
EnsembleData	Free 50 units/day, Wood $100/mo (1,500 units/day) up to Platinum $1,400/mo (50,000 units/day)	Diamond tier custom, units consume 1-10 per call
Apify clockworks/tiktok-scraper	$1.70 per 1,000 results, pay-per-event	4.7/5 across 288 reviews, free trial

All four are unofficial. TikTok’s developer terms prohibit scraping, and the 2024 Meta v. Bright Data ruling sided with scrapers on public data while leaving contract-based claims in play in some contexts. None of these vendors offer a compliant Direct Post path. That lives only inside the official Content Posting API.

The Real Cost: Sandbox, Audit, and Token Refresh

TikTok does not publish a paid tier or per-call fee for any of its official APIs, but production access is not free of calendar time. The cost shows up in three places.

Sandbox mode. When your app is new and unaudited, you can spin up to five sandboxes per app, each shareable with up to ten TikTok accounts. Anything you post from inside a sandbox client is forced to private visibility, regardless of what the OAuth scope said or what the end user selected. That is the audit gate working as designed: you can fully build and test, you cannot ship public content to non-tester accounts until your app clears review.

App audit. To move out of sandbox and publish public content on behalf of arbitrary users, you submit your app for TikTok’s review. Required materials include a privacy policy URL, a working demo video of the upload and OAuth flow end to end, a clear data-handling description, and compliance with TikTok’s developer guidelines. Common rejection reasons include uptime issues, incomplete app data, failure to respond to TikTok correspondence, and missing demo coverage of each requested scope. Community reports in 2026 put a clean first-pass audit at roughly one to two weeks. Messy submissions take longer.

Token refresh. Access tokens last 86,400 seconds (24 hours). Refresh tokens last 31,536,000 seconds (365 days) and can be refreshed at any time during that window using grant_type=refresh_token against /v2/oauth/token/, with no user re-consent required, per the OAuth user access token management doc. Revocation runs through /v2/oauth/revoke/. The math is friendlier than Meta’s 60-day long-lived tokens, but you still need a refresh job in your infrastructure.

None of these is a dollar cost. All three are calendar costs. They are the reason indie builders who only need to post to their own account often stay inside sandbox forever, posting to themselves at private visibility for personal automation.

The 6 Per Minute Cap: TikTok’s Posting Rate Limit

The Content Posting API limits how often a single user access token can publish. The number to remember is 6 requests per minute per user, per the Direct Post reference. That is per user, not per app. Sound generous? It is, for a creator posting to their own account.

It is tight for a tool acting on behalf of many users from a shared infrastructure. The rate limit is enforced at the user-token layer, so spreading load across N user tokens scales the cap linearly. The trap is the daily quota that sits on top: TikTok also enforces a daily post cap (spam_risk_too_many_posts) and a per-client daily allowance for total active publishing users. Exact daily numbers are not published, and TikTok adjusts them. Build for failure on a hard 429 or spam_risk response and back off.

The Display API uses a separate ceiling: 600 requests per minute per endpoint, sliding-window. The Research API caps at 1,000 requests per day, 100,000 records per day, with the Followers/Following endpoints separately capped at 20,000 requests per day. Quotas reset at 12:00 AM UTC.

API	Rate limit
Content Posting (per user token)	6 requests per minute
Display API (per endpoint)	600 requests per minute, sliding window
Research API (default)	1,000 requests per day, 100,000 records per day
Research API (followers/following)	20,000 requests per day, 2,000,000 records per day

What trips builders up is not the call ceiling. It is the audit gate. Until your app is audited, every post you publish in production stays private. That is not a quota you can buy your way out of.

Does API Posting Hurt Your Reach?

The most common question I hear from creators considering the Content Posting API is whether scheduled or API-published videos get suppressed compared to posting from inside the TikTok app. The honest answer: TikTok has not published guidance treating API posts differently from native posts, and posting method is absent from TikTok’s official “How TikTok recommends videos #ForYou” ranking-signal list, which calls out user interactions, video information, and device or account settings.

What that does not mean is that every scheduled post gets the same reach as a native one. Three real algorithmic signals get confused with an API penalty:

1. Post-publish session signals. Native posting tends to happen while you are already in the app, scrolling, replying, watching. Scheduled posting often fires when you are asleep. The algorithm weighs the first 30 to 60 minutes of engagement heavily, and creator absence during that window correlates with weaker distribution. Sprout Social’s TikTok integration recognizes this: their scheduler hands off to a mobile notification so the user finishes the publish inside the app.

2. Watermark and duplicate detection. TikTok’s Originality Policy, enforced more strictly since September 15, 2025, demotes content with another platform’s visible watermark or near-duplicate uploads. Schedulers that recycle content from a library can trip this without the creator noticing.

3. Spam-risk thresholds. The Content Posting API returns spam_risk_too_many_posts and spam_risk_user_banned_from_posting when posting frequency or duplicate-content checks fire. Triggering these once will not blacklist your account, but repeated triggers from a brand-new app, brand-new account, or library of similar videos signal bot-like behavior.

Buffer’s public position is that there is “no evidence that social platforms purposely limit the reach of scheduling tools.” That is the defensible read. The reach gap creators report is usually a session-signal gap, not an API tax.

Patterns That Trip Up Most Developers

Four things bite people the first time they ship on the TikTok API. If I had to rank them by how often I have seen builders trip, #1 and #4 sit at the top.

1. Posting from a sandbox client and wondering why nobody can see the video. Sandbox mode forces every uploaded video to private visibility, regardless of what the OAuth scope said. The fix is to pass app audit. There is no settings toggle.
2. Missing the URL-prefix verification for PULL_FROM_URL. If you ask TikTok to fetch media from your own server, the URL prefix or domain needs to be verified inside the developer portal via DNS TXT record or file upload. The HTTPS URL must not redirect. Skip this step and the create-container call can succeed at the request layer while the async media status flips to a failed state later. Poll the container endpoint or you will never see the failure.
3. Treating the access token as long-lived. TikTok access tokens expire in 24 hours. Refresh tokens last 365 days, refreshable any time inside the window. Build the refresh job before launch, not after the first 25-hour outage.
4. Underestimating the audit. Most teams plan for one submission. Plan for two. Demo video coverage is the most common rejection: each requested scope needs to appear in the screencast performing a real action against a real account.

Real-World Access Examples

Three personas show what the TikTok API actually costs in calendar time and dollars.

The Indie SaaS Publisher

You are a solo founder posting 5 to 10 times a day to your own TikTok account, running everything inside a sandbox on your own developer app.

• TikTok API monthly cost: no published API fee in TikTok docs
• App audit: skipped (you stay in sandbox forever, posting to yourself at private visibility for personal use, or audit once for your own public account)
• Token refresh: automated job before the 24-hour mark, ~30 minutes to wire
• Total: no published API fee, ~2 hours of setup

The Agency Posting for 30 Clients

You are running a content agency that posts on behalf of 30 different TikTok accounts.

• TikTok API monthly cost: no published API fee in TikTok docs
• App audit: roughly 1 to 2 weeks for video.publish and user.info.basic, plus demo-video production and OAuth UX cleanup
• URL-prefix verification for the media-host server and a refresh job across 30 user tokens: ongoing engineering
• Per-user 6 requests per minute cap shared across 30 accounts: fine, since the cap is per user, but the per-client daily quota is the ceiling to plan around
• Total: no published API fee, 2 to 4 weeks to launch, recurring auth and audit maintenance

The Brand Monitor or Researcher

You are tracking public TikTok conversation for clients. Reading at scale, not posting.

• Official Research API: closed to commercial users (academic and non-profit only)
• EnsembleData: $100 to $1,400/month by volume, plus a free 50 units per day tier
• TikAPI: $29 to $189/month for 300 to 2,000 requests per day across Starter, Pro, and Business tiers
• TikHub: $0.001 per request pay-as-you-go, no minimum
• Apify clockworks/tiktok-scraper: $1.70 per 1,000 results pay-per-event, no monthly commitment
• Total: $0 if you are an eligible academic researcher, ~$29 to ~$1,400/month if you are commercial

Already on Meta’s APIs? TikTok Is a Different Beast

If you are coming from Instagram’s Graph API or the Threads API, the TikTok flow looks similar on the surface and works differently underneath. Both ecosystems are free at the endpoint level. Both gate production access behind review. The differences worth knowing:

• TikTok’s review is called an “audit” and is scope-specific, not permission-by-permission. Meta reviews each permission separately.
• TikTok forces private visibility inside sandbox, regardless of scope. Meta’s analog is keeping the app in development mode and capping users to invited testers.
• TikTok refresh tokens last 365 days and refresh without user re-consent. Meta long-lived tokens last 60 days.
• TikTok’s Content Posting API audit does not require the business-verification document upload Meta requires for Advanced Access. A demo video is the primary artifact instead.

The mental model carries over. The plumbing does not.

The Honest Pitch: Skip the Audit and Use Blotato

I’d be a bad founder if I didn’t say the comparison below isn’t neutral. I built Blotato, and the pitch is biased on purpose.

If you only need to post to TikTok (and not read at research volume), going direct to TikTok’s API is fine. TikTok does not publish a paid tier or per-call fee for it. The question is whether your time is free too.

You still write the OAuth flow, host the public media URL server, verify the URL prefix, submit for app audit, produce the demo video, and build the 24-hour access token refresh path. And you do it again for every other social media API your product needs on top of TikTok.

One API. Every social platform.

Blotato’s unified API turns the multi-platform posting job into a single HTTP request:

curl -X POST https://backend.blotato.com/v2/posts \
  -H "blotato-api-key: YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "post": {
      "accountId": "YOUR_TIKTOK_ACCOUNT_ID",
      "target": { "targetType": "tiktok" },
      "content": {
        "text": "Posted to TikTok via the Blotato API.",
        "mediaUrls": ["https://your-cdn.example.com/video.mp4"],
        "platform": "tiktok"
      }
    }
  }'

That is the minimal TikTok payload. For TikTok-specific behavior, the Blotato API supports privacy settings (public, friends, private), comment, duet, and stitch toggles, and the disclose-branded-content flag that TikTok requires for paid promotion. The full schema lives in the Blotato API quickstart.

The same envelope works for the other eight platforms in the API enum, but each platform’s target fields differ (Facebook needs pageId, Pinterest needs boardId, Threads has replyControl). Full schema in the Blotato API docs.

The API is included on every paid plan, with no per-post charges layered on top.

Blotato plans:

• Starter ($29/month): 1,250 AI credits, 20 connected accounts
• Creator ($97/month)
• Agency ($499/month)

Start a free week of Blotato →

Sabrina’s Take

I’m biased, obviously. I built Blotato because going direct to each social API stops penciling out the moment a product touches more than two networks. TikTok is the most opinionated audit of the bunch, and even TikTok still costs you the OAuth flow, the URL-prefix verification, the sandbox-to-production audit, the demo video, and a refresh job that runs forever.

If you only need to post to one TikTok account from a personal automation, build it yourself and stay in sandbox. You save the $29 and the audit. If you are building a product that touches more than two networks, wrap it. The hours you save on plumbing pay for the subscription in a week.

FAQs

Is the TikTok API free in 2026?

Every official TikTok API (Content Posting, Display, Research, and Marketing) is free at the dollar level. TikTok publishes no paid tier and no per-call fee in the developer portal. The real cost is calendar time: sandbox-to-production audit, the demo video, the URL-prefix verification, and a 24-hour access token refresh job.

How do I get access to the TikTok Content Posting API?

Create a developer app at developers.tiktok.com, request the video.publish and video.upload scopes, verify your URL prefix or domain for PULL_FROM_URL transfers, build inside a sandbox (each app supports up to five), and submit for audit when you are ready for production. A clean first-pass audit takes roughly one to two weeks based on community reports in 2026.

What are the TikTok API rate limits?

The Content Posting API caps at 6 requests per minute per user access token, with a daily per-client publishing quota TikTok does not publish. The Display API allows 600 requests per minute per endpoint in a sliding window. The Research API allows 1,000 requests per day and 100,000 records per day by default, with Followers/Following separately allowed 20,000 requests per day.

Why are my TikTok API posts private even though I requested public visibility?

Because your app is in sandbox mode. Any content posted by a non-audited client is forced to private regardless of the OAuth scope or the user’s selection in the consent screen. The fix is to pass app audit. There is no settings toggle that overrides this.

Can I use the TikTok Research API if I’m not an academic?

No. The Research API is limited to qualifying universities and academic institutions in the US, EEA, UK, and Switzerland, EU-registered non-profits, and Brazilian academic or non-profit researchers studying youth safety. Commercial users, creators, and advertisers are explicitly ineligible. The commercial equivalent is a third-party wrapper like TikAPI, TikHub, or EnsembleData.