> ## Documentation Index
> Fetch the complete documentation index at: https://docs.metabind.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# REST API quickstart

> Make your first authenticated REST request against your Metabind project

This page gets you to a working REST call in five minutes. We'll list a project's content with the admin API, using a JWT bearer token.

## What you'll need

* A Metabind organization and project. Don't have one? See [Create an account](/guides/getting-started/create-account).
* A JWT for the admin API, or an API key for the client API.
* `curl`, or any HTTP client.

## 1. Pick the right base URL and route prefix

The REST API lives at:

```
https://api.metabind.ai
```

Two route prefixes:

| Prefix        | Auth                          | Use for                             |
| ------------- | ----------------------------- | ----------------------------------- |
| `/api/v1/...` | `x-api-key` header            | Client API — read published content |
| `/app/v1/...` | `Authorization: Bearer <JWT>` | Admin API — full CRUD               |

Most read-only client integrations use the client API. Workflow tooling, automation, and editor backends use the admin API. This quickstart uses the admin API.

## 2. Get a JWT

In App Studio:

1. Open **Settings → API Keys** at the organization level.
2. Click **Create JWT** and pick a scope (your project, expiry).
3. Copy the JWT — you'll see it once.

For one-off testing, App Studio's **Settings → API Keys → Show current session JWT** exposes a short-lived token tied to your login. Don't use this for automation.

## 3. Make your first call

List published content in a project:

```bash theme={null}
curl -X GET \
  "https://api.metabind.ai/app/v1/organizations/{org}/projects/{project}/content?status=published&limit=5" \
  -H "Authorization: Bearer ${MB_JWT}"
```

Replace `{org}` and `{project}` with your IDs (visible in the App Studio URL when the project is open).

A successful response:

```json theme={null}
{
  "data": [
    {
      "id": "cont124",
      "typeId": "ct123",
      "name": "Getting started",
      "status": "published",
      "content": { "title": "...", "body": "..." },
      "createdAt": "2026-04-21T10:00:00Z",
      "updatedAt": "2026-04-21T14:30:00Z"
    }
  ],
  "pagination": { "lastKey": "eyJpZCI6ImNvbnQxMjQifQ==" }
}
```

## 4. Try a few common patterns

**Get a single entry by ID:**

```bash theme={null}
curl "https://api.metabind.ai/app/v1/organizations/{org}/projects/{project}/content/{contentId}" \
  -H "Authorization: Bearer ${MB_JWT}"
```

**Search by content type:**

```bash theme={null}
curl "https://api.metabind.ai/app/v1/organizations/{org}/projects/{project}/content?contentType=article&limit=10" \
  -H "Authorization: Bearer ${MB_JWT}"
```

**Create a content entry (draft):**

```bash theme={null}
curl -X POST \
  "https://api.metabind.ai/app/v1/organizations/{org}/projects/{project}/content" \
  -H "Authorization: Bearer ${MB_JWT}" \
  -H "Content-Type: application/json" \
  -d '{
    "typeId": "article",
    "name": "Hello world",
    "content": { "title": "Hello world", "body": "First post." }
  }'
```

The response includes the new entry's `id` and a draft status. Publish via `POST .../content/{contentId}/publish`.

## 5. Pagination

List endpoints return up to 50 items per page by default. Use `pagination.lastKey` to fetch the next page:

```bash theme={null}
curl ".../content?status=published&limit=50&afterKey=$LAST_KEY" \
  -H "Authorization: Bearer ${MB_JWT}"
```

When `lastKey` is absent in the response, you've reached the end.

## 6. Error responses

Errors come back as JSON with an HTTP status code:

```json theme={null}
{
  "error": {
    "code": "unauthorized",
    "message": "JWT expired"
  }
}
```

Common codes:

| Status | Meaning                                                     |
| ------ | ----------------------------------------------------------- |
| 401    | Token missing, invalid, or expired                          |
| 403    | Token authenticated but doesn't have permission             |
| 404    | Resource not found                                          |
| 422    | Body validation failed (bad shape, missing required fields) |
| 429    | Rate limit exceeded                                         |

For the full error reference, see [Errors](/rest/errors).

## 7. Rate limits

Default limits:

* 600 requests/minute per token
* 30,000 requests/hour per token

Above the limit, you'll see `429 Too Many Requests` with a `Retry-After` header. Back off and retry. For higher limits, see [Rate limiting](/guides/operations/rate-limiting).

## What to read next

<CardGroup cols={2}>
  <Card title="Authentication" icon="key" href="/rest/authentication">
    JWTs, API keys, scopes, rotation.
  </Card>

  <Card title="Core concepts" icon="cube" href="/rest/core-concepts">
    Resource model and data shapes.
  </Card>

  <Card title="Content" icon="file-lines" href="/rest/content/overview">
    The most common resource — read, create, update content.
  </Card>

  <Card title="Errors" icon="triangle-exclamation" href="/rest/errors">
    Status codes and recovery patterns.
  </Card>
</CardGroup>