Admin API overview

The Admin API is an Enterprise-only feature that lets Organization administrators and solutions engineers automate account management. Use it to provision users, manage Workspaces and groups, rotate API keys, set spend and rate limits, and retrieve usage and audit logs.

Most Admin docs describe one Organization. Some Enterprise customers also have an Enterprise Account, which groups several Organizations when they need stronger isolation between groups of users than Workspaces provide.

The Backoffice (backoffice.mistral.ai ↗) manages Enterprise Accounts, their Organizations, their members, and each Organization's Admin API keys. For the product model, see Enterprise Accounts and Backoffice.

A user group bundles users so you can manage them together. For example, create a group, add members, then assign the group to a Workspace with a given role. See Groups.

The Admin API uses a dedicated Admin API key, created in the Backoffice and passed in the x-api-key header. A user's standard API key never grants admin access. See Authentication and Admin API keys for details.

Use the Admin API to manage:

• Users and invitations: see User management
• Groups: see Groups
• Workspaces: see Your first Workspace
• API keys: see API keys
• Spend and rate limits: see Usage and limits
• Usage: see Usage metrics with the Admin API
• Audit logs: see Audit logs

Several endpoints accept role fields by UUID (roles) or by name (role_names). Workspace assignment endpoints accept workspace_role (UUID) or workspace_role_name (name). When RBAC is enabled, list the available roles and their UUIDs with GET /api/admin/roles.

For the full role model, see Roles and permissions.