Skip to main content
API keys let external systems read your organization’s published documents without requiring a logged-in user session. Pass your key as a Bearer token in every API request.
API keys are scoped to your organization. Any system that holds a key can read the same data as an authenticated member. Treat keys like passwords. Don’t commit them to source control or share them publicly.

Create an API key

1

Open API Keys settings

Go to Settings → API Keys.
2

Enter a name

Type a descriptive name for the key so you can identify it later (for example, zapier-integration or n8n-prod).
3

Copy the key

Click Create. DocInject shows the raw key value exactly once. Copy it to a secure location. You cannot retrieve it again after closing this dialog.

Use an API key

Include the key as a Bearer token in the Authorization header of every request:

Delete an API key

Go to Settings → API Keys, find the key you want to remove, and click Delete. Deletion takes effect immediately. Any requests using that key will receive a 401 Unauthorized response.
Deleting a key cannot be undone. If an active integration is using the key, it will stop working immediately. Create a replacement key before deleting the old one.

Next steps

Authentication

Full details on authenticating API requests, including token formats and error responses.

List documents

Retrieve a list of published documents from the API.