> ## Documentation Index
> Fetch the complete documentation index at: https://docs.mightynetworks.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Admin API

> Comprehensive guide to the Mighty Networks Admin API

## About the Admin API

The Mighty Networks Admin API provides programmatic access to manage and automate your network operations. With the Admin API, you can manage members, content, events, and more.

## Base URL

All API requests should be made to:

```
https://api.mn.co/admin
```

## Authentication

The Admin API uses Bearer token authentication. All requests must include a valid API token.

<Card title="Authentication Guide" icon="key" horizontal href="/authentication">
  Learn how to generate tokens, authenticate requests, and implement security best practices.
</Card>

## Getting Started

<CardGroup cols={2}>
  <Card title="Quickstart Guide" icon="rocket" href="/quickstart">
    Make your first API call in under 5 minutes.
  </Card>

  <Card title="Authentication" icon="shield-halved" href="/authentication">
    Set up authentication and manage API tokens.
  </Card>
</CardGroup>

## Core Resources

The Admin API provides access to the following resources:

### Networks

Manage network settings, information, and configuration.

### Members

* List and search members
* View member profiles and activity
* Update member information
* Manage member permissions and roles

### Content & Posts

* Create, read, update, and delete posts
* Manage comments and reactions
* Moderate content
* Work with rich media attachments

### Events

* Create and manage events
* Track RSVPs and attendance
* Update event details

### Spaces

* Manage network spaces
* Configure space settings
* Control space membership

## Webhooks

Webhooks allow you to receive real-time HTTP notifications when events occur in your network. Instead of polling the API for changes, webhooks push data to your server as events happen.

### How It Works

1. You configure a webhook endpoint URL in your network settings
2. You select which events you want to receive
3. When an event occurs, Mighty Networks sends an HTTP POST request to your URL
4. Your server processes the webhook and responds with any `2xx` status code (200, 201, 202, 204, etc.)

### Webhook Delivery Format

Webhooks are delivered as HTTP POST requests with JSON payloads:

```http theme={null}
POST /your-webhook-endpoint
Host: your-domain.com
Content-Type: application/json
Accept: application/json
Authorization: Bearer YOUR_CONFIGURED_API_KEY

{
  "event_id": "abc123-uuid",
  "event_timestamp": "2024-01-15T10:30:00Z",
  "event_type": "PostCreated",
  "payload": {
    "id": 12345,
    "title": "Example post title",
    "author": {
      "id": 67890,
      "email": "user@example.com",
      "first_name": "John"
    },
    "space_id": 111,
    "created_at": "2024-01-15T10:30:00Z"
  }
}
```

### Available Events

See the [Webhooks](/admin-api#webhooks) section for a complete list of available events and their payload schemas.

### Security

* **HTTPS Required**: Webhook endpoints must use HTTPS in production
* **Authentication**: Configure an API key that will be included as a `Bearer` token in the `Authorization` header
* **Verify the source**: Always validate the `Authorization` header matches your configured key

### Best Practices

<AccordionGroup>
  <Accordion title="Respond quickly">
    Return any `2xx` status code (200, 201, 202, 204, etc.) as fast as possible. Process the webhook payload asynchronously if needed—webhooks timeout after 30 seconds.
  </Accordion>

  <Accordion title="Handle retries">
    Webhooks are retried on failure with any non-2xx status code. Implement idempotency to handle duplicate deliveries gracefully.
  </Accordion>

  <Accordion title="Keep your endpoint healthy">
    Repeated failures trip a circuit breaker that temporarily pauses delivery to your endpoint. Monitor your endpoint's availability so deliveries aren't suspended. See [Circuit breaker](/admin-api#circuit-breaker) for details.
  </Accordion>

  <Accordion title="Expect async delivery">
    Webhooks are delivered asynchronously via background jobs. There may be a slight delay between when an event occurs and when you receive the webhook.
  </Accordion>

  <Accordion title="Log webhook payloads">
    Store incoming webhook data for debugging and auditing purposes.
  </Accordion>
</AccordionGroup>

### Expected Responses

Your endpoint should return any `2xx` status code to acknowledge successful receipt. Common success codes include 200 (OK), 201 (Created), 202 (Accepted), and 204 (No Content):

| Status Code        | Meaning                         |
| ------------------ | ------------------------------- |
| 2xx (200-299)      | Webhook received successfully   |
| Any non-2xx status | Delivery failed—will be retried |

### Circuit breaker

Outbound webhook delivery is protected by a [circuit breaker](https://martinfowler.com/bliki/CircuitBreaker.html). If your endpoint fails repeatedly in a row, we temporarily stop delivering webhooks to it rather than continuing to retry against an endpoint that appears to be down.

* **Trips on repeated failures**: When deliveries to your endpoint fail multiple consecutive times (any non-2xx response, a timeout, or a connection error), the circuit breaker opens and delivery is paused.
* **Delivery is paused temporarily**: While the circuit is open, new webhooks for that endpoint are not delivered. This protects both your service and ours from wasted retries against a failing endpoint.
* **Automatic recovery**: After a cooldown period, we probe your endpoint again. Once it responds successfully, the circuit closes and normal delivery resumes automatically—no manual intervention required.

<Tip>
  Keep your endpoint highly available and return a `2xx` status quickly to avoid tripping the circuit breaker. If you notice a gap in delivery, check your endpoint's logs and uptime for a recent run of failures.
</Tip>

## Rate Limit and Quota

The Admin API is rate limited to ensure fair usage. Each plan includes a monthly request quota, with additional usage billed per request past your plan's permitted volume:

| Plan                 | Included API Requests | Extra API Requests |
| -------------------- | --------------------- | ------------------ |
| Scale                | 5,000 / month         | \$0.002 / request  |
| Growth               | Custom                | Custom             |
| Mighty Pro Basic     | Custom                | Custom             |
| Mighty Pro Essential | Custom                | Custom             |
| Mighty Pro Complete  | Custom                | Custom             |

Contact your account team for the specific limits and pricing that apply to your plan.

## Error Handling

The API uses standard HTTP status codes:

| Status Code | Description                                 |
| ----------- | ------------------------------------------- |
| 200         | Success                                     |
| 201         | Created                                     |
| 400         | Bad Request - Invalid parameters            |
| 401         | Unauthorized - Invalid or missing API token |
| 403         | Forbidden - Insufficient permissions        |
| 404         | Not Found - Resource doesn't exist          |
| 429         | Too Many Requests - Rate limit exceeded     |
| 500         | Internal Server Error                       |

Error responses include a JSON body with details:

```json theme={null}
{
  "error": "unauthorized",
  "message": "Invalid API token",
  "status": 401
}
```

## Pagination

List endpoints support pagination using the following query parameters:

* `page`: Page number (default: 1)
* `per_page`: Items per page (default: 25, max: 100)

Pagination metadata is included in the response:

```json theme={null}
{
  "data": [...],
  "meta": {
    "current_page": 1,
    "total_pages": 10,
    "total_count": 250,
    "per_page": 25
  }
}
```

## Quick Reference

### Common Operations

All API operations are scoped to a specific network:

* **List Resources** - `GET /networks/{id}/members`
* **Get Resource** - `GET /networks/{id}/members/{member_id}`
* **Create Resource** - `POST /networks/{id}/posts`
* **Update Resource** - `PATCH /networks/{id}/members/{member_id}`
* **Delete Resource** - `DELETE /networks/{id}/spaces/{space_id}/members/{user_id}`

### Request Format

All requests require authentication and use standard REST conventions:

```bash theme={null}
curl https://api.mn.co/admin/v1/networks/{network_id}/endpoint \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -H "User-Agent: my-app/1.0 (+https://example.com)"
```

<Warning>
  Requests to `api.mn.co` must include a non-empty `User-Agent` header. Requests without one are blocked by bot protection and receive an HTML challenge page with HTTP `403`. We recommend `your-app-name/version (+url)`.
</Warning>

### Response Format

Successful list endpoints return paginated data:

```json theme={null}
{
  "items": [...],
  "links": {
    "self": "current_page_url",
    "next": "next_page_url"
  }
}
```

## Best Practices

1. **Store tokens securely** - Never expose API tokens in client-side code or public repositories
2. **Handle rate limits** - Implement exponential backoff when hitting rate limits
3. **Use pagination** - Always paginate through large result sets
4. **Validate input** - Validate data before sending to the API
5. **Monitor errors** - Log and monitor API errors for debugging

## Support

Need help with the Admin API?

<CardGroup cols={2}>
  <Card title="Support Center" icon="life-ring" href="https://docs.mightynetworks.com">
    Visit our FAQ and support documentation.
  </Card>

  <Card title="Contact Support" icon="envelope" href="https://www.mightynetworks.com">
    Get in touch with our technical support team.
  </Card>
</CardGroup>