The REST API requires a Pro or Enterprise plan.
Endpoints
- Trigger update: Trigger an update of your site when desired.
- Get update status: Get the status of an update and other details about your docs.
- Trigger preview deployment: Create or update a preview deployment for a specific branch.
- Trigger automation: Run a scheduled automation on demand.
- Create agent job: Create an agent job to automatically edit your documentation.
- Get agent job: Retrieve the details and status of a specific agent job.
- Send follow-up message: Send a follow-up message to an existing agent job.
- Create assistant message: Embed the assistant, trained on your docs, into any application of your choosing.
- Search documentation: Search through your documentation.
- Get page content: Retrieve the full text content of a documentation page.
- Get user feedback: Export user feedback from your documentation.
- Get feedback by page: Export feedback counts aggregated by page.
- Get assistant conversations: Export AI assistant conversation history.
- Get assistant caller stats: Retrieve a breakdown of assistant query counts by caller type.
- Get search queries: Export documentation search terms and analytics.
- Get page views: Export per-page and site-wide content view counts.
- Get unique visitors: Export per-page and site-wide unique visitor counts.
Common use cases
- Automated deployments: Trigger site updates at set intervals or when events occur with Trigger update and Get update status.
- CI/CD integration: Update documentation as part of your deployment pipeline when code changes with Trigger update.
- Preview deployments: Create or update preview deployments programmatically in your CI/CD pipeline with Trigger preview deployment.
- On-demand automations: Run scheduled automations from your CI/CD pipeline or release tooling with Trigger automation.
- Custom integrations: Embed the AI assistant into your product, support portal, or internal tools with Create assistant message, Search documentation, and Get page content.
- Automated editing: Use agent jobs to programmatically update documentation at scale with Create agent job, Get agent job, and Send follow-up message.
- Analytics export: Export feedback, assistant conversations, search analytics, page views, and visitor data for external analysis with Get user feedback, Get feedback by page, Get assistant conversations, Get assistant caller stats, Get search queries, Get page views, and Get unique visitors.
Authentication
Generate API keys on the API keys page in your dashboard. Each API key belongs to an organization—you can use keys across multiple deployments within the same organization. You can create up to 10 API keys per hour per organization. Mintlify uses two types of API keys, each scoped to a different set of endpoints:| Key type | Prefix | Use for |
|---|---|---|
| Admin API key | mint_ | Updates, agent jobs, and analytics exports. Server-side only. |
| Assistant API key | mint_dsc_ | Assistant endpoints (create message, search, get page content). Proxy in production. |
Admin API key
Use the admin API key for deployment, triggering the agent, and analytics endpoints.- Trigger update
- Get update status
- Trigger preview deployment
- Trigger automation
- Create agent job
- Get agent job
- Send follow-up message
- Get user feedback
- Get feedback by page
- Get assistant conversations
- Get assistant caller stats
- Get search queries
- Get page views
- Get unique visitors
mint_ prefix.
The admin API key is a server-side secret. Do not expose it in client-side code.
Assistant API key
Use the assistant API key for the assistant endpoints. Assistant API keys begin with themint_dsc_ prefix.
Calls using the assistant API token can incur costs: either using your assistant credits or incurring overages.
Restrict keys by IP address
You can optionally restrict an API key to a list of allowed IP addresses or CIDR ranges. When a key has an allowlist, requests from any other IP address are rejected with a403 response. Both admin and assistant API keys support allowlists.
Set the allowlist when you create the key on the API keys page in your dashboard. The allowlist is fixed for the lifetime of the key — to change it, delete the key and create a new one. If you don’t set an allowlist, the key accepts requests from any IP address.
Allowlist entries support:
- IPv4 and IPv6 addresses, for example
203.0.113.5or2001:db8::1. - CIDR ranges, for example
198.51.100.0/24or2001:db8::/48.
0.0.0.0/0 and ::/0 are not allowed.
Use IP allowlists when your API key is called from a stable set of egress IPs — for example, a CI/CD runner, a static NAT gateway, or your backend server. Avoid allowlists for keys used from developer laptops or other environments with changing IPs.
Restrict admin keys by scope
You can optionally restrict an admin API key toread or write scopes. Scopes apply only to admin API keys; assistant API keys are unaffected.
Set scopes when you create the key on the API keys page in your dashboard. Scopes are fixed for the lifetime of the key — to change them, delete the key and create a new one. If you don’t set any scopes, the key can call every admin endpoint (existing keys keep working).
Mintlify derives the required scope from the HTTP method of the request:
| HTTP method | Required scope |
|---|---|
GET, HEAD | read |
| All others | write |
write also satisfies read, so ["read", "write"] and ["write"] both allow every endpoint. Requests that require a scope the key does not have are rejected with a 403 response.
Only read and write are accepted. Any other value returns a 400 response at key creation.
Set an expiration date
You can optionally set an expiration date on any API key at creation. After the expiration timestamp passes, requests using the key are rejected. Both admin and assistant API keys support expiration. Set the expiration on the API keys page in your dashboard. The expiration is fixed for the lifetime of the key — to change it, delete the key and create a new one. If you don’t set an expiration, the key never expires. The expiration must be a future ISO 8601 timestamp. Past or invalid timestamps return a400 response at key creation. The expiration is returned as expiresAt when you list keys, or null for keys with no expiration.
Use expirations for short-lived credentials such as CI/CD tokens, external contractors, or one-off scripts. Rotate long-lived keys by creating a replacement, updating your integrations, and deleting the old key.