Skip to main content

Overview

Mino uses different authentication methods depending on how you’re accessing the API:
Access MethodAuth TypeWhen to Use
REST APIAPI KeyDirect HTTP requests from your code
MCP IntegrationOAuth 2.1AI assistants (Claude, Cursor)

REST API Authentication

All REST API requests require an API key passed in the X-API-Key header.

Getting Your API Key

  1. Go to the API Keys page
  2. Click “Create API Key”
  3. Copy and store your key securely
API keys are shown only once. Store them securely and never commit them to version control.

Using Your API Key

Include the X-API-Key header in every request: 
curl -X POST https://mino.ai/v1/automation/run \
  -H "X-API-Key: $MINO_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"url": "https://example.com", "goal": "Extract the page title"}'

Environment Variables

Store your API key in an environment variable: 
# Add to your shell profile (.bashrc, .zshrc, etc.)
export MINO_API_KEY="your_api_key_here"
For Node.js projects, use a .env file: 
# .env
MINO_API_KEY=your_api_key_here
Add .env to your .gitignore to prevent accidental commits.

MCP Authentication

The MCP endpoint uses OAuth 2.1 for secure authentication with AI assistants.

How It Works

  1. Add the Mino MCP server to your AI client configuration
  2. When you first use the tool, a browser window opens for authentication
  3. Log in with your Mino account
  4. Authorization is cached for future sessions

Configuration

Add to your Claude Desktop config:
{
  "mcpServers": {
    "mino": {
      "url": "https://mino.ai/mcp"
    }
  }
}
Config location:
  • macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
  • Windows: %APPDATA%\Claude\claude_desktop_config.json
You need a Mino account with an active subscription or credits. Sign up here.

Error Responses

401 Unauthorized

Returned when the API key is missing or invalid. 
{
  "error": {
    "code": "MISSING_API_KEY",
    "message": "X-API-Key header is required"
  }
}

{
  "error": {
    "code": "INVALID_API_KEY",
    "message": "The provided API key is invalid"
  }
}
Solutions:
  1. Verify your API key is correct
  2. Check the header name is X-API-Key
  3. Ensure no extra whitespace around the key
# Debug: Check your key is set
echo $MINO_API_KEY

# Debug: Test authentication
curl -I -X POST https://mino.ai/v1/automation/run \
  -H "X-API-Key: $MINO_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"url": "https://example.com", "goal": "test"}'

403 Forbidden

Returned when authentication succeeds but you lack credits or an active subscription. 
{
  "error": {
    "code": "FORBIDDEN",
    "message": "Insufficient credits or no active subscription"
  }
}
Solution: Check your account at mino.ai/api-keys and add credits or upgrade your plan.

Security Best Practices

Use Environment Variables

Never hardcode API keys in source code

Rotate Keys Regularly

Regenerate keys periodically and after team changes

Limit Exposure

Use separate keys for development and production

Monitor Usage

Review API usage in your dashboard for anomalies

Quick Start

Run your first automation

Error Codes

Full error code reference