How to delete Watched Address using REST API

I’m unable to figure out how to delete a Watched Address via REST API.

I’m able to ‘Sync and Watch Address’ via REST API using GET:[app_id]&address=[address]

But how would I format a request to delete the above Watched Address?

you could try with unwatchEthAddress


Thank you, this worked!

For those looking to use the same method, you will need to include your master key (X-Parse-Master-Key) in the header request.


cool awesome! I’ll try to add this to the docs :raised_hands:, this is definitely something important to have in the docs


When is this being added to the docs?

Check the above link for unwatchAddress

Lol, I saw this already, but I keep running into this error

ParseError: Permission denied for action delete on class WatchedBscAddress.
    at handleError (..../node_modules/moralis/lib/node/RESTController.js:423:17)
    at processTicksAndRejections (internal/process/task_queues.js:95:5)
    at async unsubscribeFromAddress (.../controllers/profilesController.js:26:21) {
  code: 119

This points to line 26 in my code which is

const results = await
        useMasterKey: true,

When calling via REST API my request looks like this:


When including the Parse Master Key and API Key in my header, this works just fine.

I’m too much of a novice to interpret the error you’re receiving, but I can confirm the above approach does work for me.

Can you do me a favor and post how you implemented that header definition with the api key (of course without the actual API_KEY lol)

Sure, here’s the cURL request (any sensitive info has been substituted).

Just note that when your request is successful, you’ll receive an empty response. Check your database to see if the address was removed.

curl --location --request GET ‘
–header ‘X-Parse-Master-Key: hljvlw74579KgkbjkBkj83kj’
–header ‘X-API-Key: bjbkKjbKJ65Bjbmb’

Yea this is weird, isn’t working for me. How in the world did you implement this in your actual code? On my server I have the useMasterKey set to true {useMasterKey: true}. So incoming requests from my client should go through. I have the same setup for subscribing and that works. I’m using a POST method since I’m sending the address down to the server. POST for both subscribing and unsubscribing. The only thing that changed is ‘watchBscAddress’ to ‘unwatchBscAddress’. @cryptokid, you have any thoughts on this as well?

Also, just to mention @mimmo , I tried using the url you have above directly. Just interpolated the sensitive info and address which still gives me the ParseError: Permission denied for action delete on class WatchedBscAddress. error

Have you tried setting up the call in Postman? I just tried it out and it seems to work there too. Also, please note I’ve been using a GET method for both ‘watching’ and ‘unwatching’.

Unfortunately, I’ve only ever implemented this within a application (no code tool), so I’m unsure how they structure the call on their backend.

what is the server url? maybe you changed some rights on watchBscAddress table, or some rights maybe need to be added for coreservices role

you can add GET request that in a cloud function and call the cloud function, but it should be easier

Question, is there any documentation on adding rights for coreservices role. If so, please do share.

I’m not sure now if that was the problem, to add rights for coreservices, in dashboard, when you get to CLP settings (Class Lever Permissions), you write role:coreservices and press enter in the only imput box that you see there

Oh ok got it. Yea, I’ll try all my options, thanks. Will come back here if anything.

You said GET request that in a cloud function. I’m trying to call it from the client. My master key doesn’t work on the client. Here’s more context


const response = await
          address: profile.get("address"),
          headers: {
            "X-Parse-Master-Key": process.env.REACT_APP_MASTER_KEY,
            "X-API-Key": process.env.REACT_APP_APPLICATION_ID,


import {
} from "../controllers/profilesController.js";

import { Router } from "express";

const router = Router();"/unsubscribe", unsubscribeFromAddress);

export default router;


export const unsubscribeFromAddress = async (req, res) => {
  try {
    const { address } = req.body;
    const results = await
        useMasterKey: true,

    return res.send(results);
  } catch (error) {

You could add the user address to a list when unsubscribed and after that to run a cloud function that can use master key.

From what I see in that code it looks like you have the master key in user code and that is not a good idea.