Authentication and Admin API keys
Admin API requests authenticate with a dedicated Admin API key. Learn how those keys work and how to call the API.
Admin API keys
An Admin API key is created and managed in the Backoffice (backoffice.mistral.ai ↗). Each key is tied to a single Organization and grants access to that Organization's admin endpoints. Keys are managed from the Enterprise Account Backoffice for convenience, but their scope is always one Organization. For the Backoffice model, see Enterprise Accounts and Backoffice.
A user's standard API key never grants admin access, regardless of the user's role. Admin endpoints require an Admin API key created in the Backoffice. This is different from the regular API keys used for the inference API.
Create an Admin API key
- Open the Backoffice ↗ and go to API keys.
- Click Create key.
- Choose a name, select the Organization the key belongs to, and optionally set an expiration date.
- Copy the key and store it securely.
The key is only shown at creation. If you lose it, you'll need to create a new one.
Make a request
Send Admin API requests to the Admin API base URL and pass your Admin API key in the x-api-key header.
- Base URL:
https://console.mistral.ai/api/admin - Authentication header:
x-api-key: <ADMIN_API_KEY>
Set the key as an environment variable before you make requests:
export ADMIN_API_KEY="your-admin-api-key"Then call an endpoint. For example, list users in the Organization tied to the key:
curl "https://console.mistral.ai/api/admin/users?page=1&page_size=50" \
-H "x-api-key: $ADMIN_API_KEY"For requests with a JSON body, also include the Content-Type header:
curl -X POST https://console.mistral.ai/api/admin/users-invite \
-H "x-api-key: $ADMIN_API_KEY" \
-H "Content-Type: application/json" \
-d '{"email": "ada@example.com"}'See the Admin API reference for available endpoints, parameters, and response fields.