> ## Documentation Index
> Fetch the complete documentation index at: https://docs.mindfort.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Introduction

> Learn how to authenticate to the MindFort API with bearer tokens to trigger assessments, run tasks, and manage findings, plus rate limits and errors.

## Base URL

All API requests are made to:

```text theme={null}
https://api.mindfort.app
```

## Authentication

The MindFort API uses **Bearer token** authentication. Include your API key in the `Authorization` header of every request:

```bash theme={null}
Authorization: Bearer <your-api-key>
```

You can generate API keys from the [MindFort Dashboard](https://cloud.mindfort.app) under **Settings > API Keys**.

## Rate Limits

* **Per-IP limit:** 3 requests per minute
* **Global limit:** 100 requests per minute

When rate-limited, responses include a `Retry-After: 60` header. The API returns HTTP `429` with an error message.

## API Surface

The public API supports core automation workflows:

* trigger assessments
* cancel running assessments
* list findings for a target
* start directed tasks
* run saved task templates
* cancel running tasks

Use the endpoint reference for request and response schemas, query parameters, and examples.

## Pagination

List endpoints use two pagination styles:

* `GET /v1/assessments` uses cursor pagination. Pass the returned `pagination.next_cursor` value as the next request's `cursor` parameter until no next cursor is returned.
* `GET /v1/targets` and `GET /v1/findings` use `limit` and `offset` pagination and include a `total` count.

## Error Format

All errors follow a consistent JSON structure:

```json theme={null}
{
  "error": "Human-readable error message",
  "request_id": "abc123..."
}
```

Include the `request_id` when contacting support for faster resolution.

## Component IDs

Several API endpoints require UUIDs for targets, findings, templates, and other resources. Below is where to find each ID in the MindFort dashboard.

### Targets

Navigate to **Target Inventory** and click on a target. The **Target ID** is displayed on the target's detail page.

### Findings

Use `GET /v1/findings` or open a finding in the dashboard. The **Finding ID** identifies a specific vulnerability for detail, comment, and status update requests.

Filter list results with `status`, `assessment_id`, `exclude_secured`, `target_id`, and `severity`. See [Findings API](/api-reference/findings) for parameter details and dashboard mapping.

### Assessments

Open **Assessments**, select a run, and copy the **Assessment ID** from the URL or detail view. Use it as `assessment_id` when listing findings for that run only.

### Tasks

To find a **Template ID**, navigate to **Tasks > Templates**. Select a template and the ID will be shown in the template detail panel.

Task endpoints return scoped task IDs in the form `org_id::task_uuid`. Use the returned `task_id` value as-is when canceling a task.

## Content Type

All endpoints accept and return `application/json`. Requests must include:

```http theme={null}
Content-Type: application/json
```
