Images
The API returns image paths as template strings with {size} and {ext} placeholders. You choose the resolution and format.
Template format
Section titled “Template format”/posters/{size}/mzILxi88uW.{ext}/backdrops/{size}/XQ0tgfShRO.{ext}Base URL
Section titled “Base URL”All images are served from:
https://r2.popcorntime.app/imagesAvailable sizes
Section titled “Available sizes”Posters
Section titled “Posters”| Size | Resolution | Use case |
|---|---|---|
w200 | 200px wide | Thumbnails, lists |
w500 | 500px wide | Detail pages, cards |
Backdrops
Section titled “Backdrops”| Size | Resolution | Use case |
|---|---|---|
w780 | 780px wide | Cards, small hero |
w1280 | 1280px wide | Full-width hero |
Resolving a URL
Section titled “Resolving a URL”Replace {size} with the desired size and {ext} with jpg:
function resolveImageUrl(template, size = "w500") { if (!template) return null; return `https://r2.popcorntime.app/images${template .replace("{size}", size) .replace("{ext}", "jpg")}`;}
// Exampleconst poster = resolveImageUrl("/posters/{size}/mzILxi88uW.{ext}", "w500");// → https://r2.popcorntime.app/images/posters/w500/mzILxi88uW.jpgExamples
Section titled “Examples”| Template | Resolved URL |
|---|---|
/posters/{size}/mzILxi88uW.{ext} | https://r2.popcorntime.app/images/posters/w500/mzILxi88uW.jpg |
/backdrops/{size}/XQ0tgfShRO.{ext} | https://r2.popcorntime.app/images/backdrops/w1280/XQ0tgfShRO.jpg |
Provider logos
Section titled “Provider logos”Provider logos use a direct path (no template):
https://r2.popcorntime.app/images/logos/{provider_id}.pngAll logos are 166×166 PNG.
CDN & caching
Section titled “CDN & caching”Images are served through Cloudflare CDN with aggressive caching. Posters and backdrops use immutable cache headers (1 year). Provider logos cache for 1 day.
Link tokens
Section titled “Link tokens”The link_token field in streaming links is an encrypted redirect token. To get the actual streaming URL:
https://go.popcorntime.app/go/{link_token}This returns a 302 redirect to the provider’s platform-specific deep link. The token is AES-256-SIV encrypted — it cannot be decoded without the server-side key.
Example
Section titled “Example”Token: 178vKEFTzd4pfUouF79gqC6DNHT6Z9CT19VhwBnrGQXN5vpTcyLZNUtfDM1w1Ve1XKkj8nuK
Redirect: https://go.popcorntime.app/go/178vKEFTzd4pfUouF79gqC6DNHT6Z9CT19VhwBnrGQXN5vpTcyLZNUtfDM1w1Ve1XKkj8nuK→ 302 → https://www.netflix.com/title/12345The redirect service:
- Decrypts the token server-side
- Generates a platform-specific deep link (web, Fire TV, Android TV, etc.)
- Injects affiliate parameters
- Returns a 302 redirect
See Link Tokens for more details on the encryption scheme.