Documentation Index
Fetch the complete documentation index at: https://prefetch.mintlify.app/llms.txt
Use this file to discover all available pages before exploring further.
API keys
All Prefetch API endpoints (except/health and /ready) require an API key. Pass your key in the X-API-Key request header:
Key validation
Every request validates your API key against the following checks, in order:- Present — key must be included in the header
- Not revoked — key has not been manually revoked
- Not expired — key has not passed its expiry date
- Within credit limit — key has not exceeded its configured credit limit
403 Forbidden response with a descriptive error message.
First-party origin injection
If you’re calling the API from your own frontend (browser), you can configure allowed origins so requests from those origins automatically use a shared API key — without exposing it in client-side code. SetALLOWED_ORIGINS and DEFAULT_API_KEY in your server environment:
X-API-Key header, the DEFAULT_API_KEY is injected automatically.
Key security best practices
- Rotate keys regularly from the dashboard
- Use separate keys for development and production
- Set a credit limit on each key to prevent unexpected overages
- Revoke compromised keys immediately from the dashboard
Error responses
| Error message | Cause |
|---|---|
"Missing API key" | No X-API-Key header provided |
"Invalid API key" | Key not found in the system |
"API key has been revoked" | Key was manually revoked |
"API key has expired" | Key passed its expiry date |
"Credit limit exceeded" | Key used all its allocated credits |