Mindset AI Documentation
  • General
    • Welcome
    • AI and Security
      • AI Guidelines
      • Security Q&A
      • AI Buyers Guide
  • Platform
    • Overview
    • Features
      • Welcome workflow
        • How to configure the Welcome workflow
        • Welcome workflow best practices
      • Onboarding workflow
        • How to configure the Onboarding workflow
        • Onboarding best practices
        • How to configure Single Sign-On (SSO)
        • How to Configure Multi Factor Authentication (MFA)
      • Knowledge workflow
        • Content Discovery
          • How to configure Content Discovery
          • Setting up the Content Discovery carousels
          • ‘Trending’ carousel calculations
        • Knowledge Banks
          • How to configure a Content Knowledge Bank
          • Learn about Synced Knowledge Banks
          • How to create Speakers
          • How to exclude Content from being visible
          • How to process PDF files
          • How to process SCORM files
          • Knowledge Bank best practices
          • Prompts
            • How to configure Prompts
            • Prompts best practices
        • Events
          • How to configure External Events
          • How to Configure Live Streaming Events
        • Knowledge workflow FAQs
      • Agents
        • How to configure the Agent workflow
          • How to add an Agent Disclaimer message
        • How to create Agents
          • Settings
          • Personality
          • Policy
          • Capabilities
            • Capabilities best practices
          • Tools
          • LLM (Beta)
          • Design
          • Knowledge
          • Bias
          • Testing
          • Preview
          • Access
        • Language Translation within Agents
    • Design
      • Navigation
      • Branding
      • Thumbnail Design
      • Images
        • SVG Images
        • Selecting the Right Image for your Application
    • Accounts
      • How to configure Accounts
      • How to configure Account branding
      • How to invite end-users to an Account
    • Humans
  • Developers
    • Embed SDK
      • Embed an AI agent: step by step guide
      • How to embed an agent in your site
      • Testing your Embedded Agent
      • Authentication
    • Mindset API
      • Mindset Public APIs
      • HTTP API
        • API Key authentication
        • API Servers
        • api-authenticate-embedded-user
      • REST API
        • Contexts API
        • Context Files API
        • Labels API
  • Analytics
    • Overview
    • ThoughtSpot
      • ThoughtSpot FAQs
        • Adding a logo or image to a liveboard
        • There is data missing from liveboard
        • Exporting raw data
        • Exporting data to a csv file
        • How to add a note to a liveboard
        • How to pin in a liveboard
        • Editing individual data visualizations in a liveboard
        • Thoughtspot Alerts
    • Connecting a BI tool
  • Integrations
    • Overview
      • Choosing Data for your Agent
      • Supported Files
    • Content management
      • Google Drive
        • Google Drive Integration Set-Up
      • SharePoint
        • SharePoint Integration Set-Up
      • Hubspot
      • Podbean
      • Wistia
      • WordPress
      • Dropbox
    • Communication
      • Microsoft Teams
      • Slack
    • Customer Management and Payment
      • Hubspot
      • Stripe
  • Support
    • Contacting support
    • Taking a screenshot on any laptop
    • Resizing & compressing images
    • Performing a hard refresh
    • Application loading time
    • Raise a support ticket
    • Service Level Agreement (SLA)
  • Mindset AI Website
  • Book a Demo
Powered by GitBook
On this page
  • Generating an API key
  • Invalidating a key
  • Using a key

Was this helpful?

  1. Developers
  2. Mindset API
  3. HTTP API

API Key authentication

Many APIs are designed to be called by external systems.

As these systems are under the control of administrators rather than end users, authentication can safely be handled by shared secrets known to two servers (Mindset's and the external system).

These secrets never need to or should be passed to end users.

API Keys for Mindset's system grant app owner level access to data.

Generating an API key

API keys are generated for each application in the app admin console.

Each key is a long alphanumeric string would should be stored securely.

Navigate to the "API key management" to generate and copy a key

Invalidating a key

If a key is compromised and it is being used outside of your control, or you suspect it might be, then you can delete the key from the admin console.

That will cause any future API calls that use the key to fail. It will not interrupt any currently ongoing processes initiated using that key.

(For example a user session that was created by using that key will continue to be valid)

Using a key

Keys are used by passing them as a custom header in the web requests you make.

The header name is x-api-key and its value should be the full key string.

PreviousHTTP APINextAPI Servers

Last updated 1 year ago

Was this helpful?