Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/Mintplex-Labs/anything-llm/llms.txt

Use this file to discover all available pages before exploring further.

AnythingLLM supports a multi-user mode that unlocks role-based access control, invite-based registration, and per-workspace permissions. The Admin API lets you manage all of this programmatically — create and update users, generate invite links, configure which users can access specific workspaces, and adjust instance-wide preferences. The User Management endpoints provide a lighter-weight way to list users and issue temporary login tokens for SSO-style integrations.
Most endpoints in this section require multi-user mode to be enabled first via the AnythingLLM UI. Calling them on a single-user instance returns 401 Instance is not in Multi-User mode. Method denied. Additionally, all Admin endpoints require an API key with admin role privileges.

GET /v1/admin/is-multi-user-mode

Check whether the current AnythingLLM instance is running in multi-user mode. Use this before calling other admin endpoints to avoid unnecessary 401 errors.

Response Fields

isMultiUser
boolean
true if multi-user mode is active, false otherwise.
curl https://your-instance.com/api/v1/admin/is-multi-user-mode \
  -H "Authorization: Bearer YOUR_API_KEY"

GET /v1/admin/users

List all registered users on the instance.

Response Fields

users
array
curl https://your-instance.com/api/v1/admin/users \
  -H "Authorization: Bearer YOUR_API_KEY"

POST /v1/admin/users/new

Create a new user account with a username, password, and role.

Body Parameters

username
string
required
Login username for the new account.
password
string
required
Initial password for the account.
role
string
required
User role: "default" for standard users or "admin" for administrators.

Response Fields

user
object
error
string | null
null on success or an error description.
curl -X POST https://your-instance.com/api/v1/admin/users/new \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "username": "sample-sam",
    "password": "hunter2",
    "role": "default"
  }'

POST /v1/admin/users/{id}

Update an existing user’s settings. Only the fields you include are changed — all others remain as-is.

Path Parameters

id
string
required
Database ID of the user to update.

Body Parameters

username
string
New login username.
password
string
New password.
role
string
New role: "default" or "admin".
suspended
integer
1 to suspend the user (block login), 0 to reinstate.

Response Fields

success
boolean
Whether the update was applied.
error
string | null
null on success or an error message.
curl -X POST https://your-instance.com/api/v1/admin/users/3 \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "role": "admin",
    "suspended": 0
  }'

DELETE /v1/admin/users/{id}

Permanently delete a user account by its database ID.

Path Parameters

id
string
required
Database ID of the user to delete.

Response Fields

success
boolean
Whether the deletion was successful.
error
string | null
null on success or an error message.
curl -X DELETE https://your-instance.com/api/v1/admin/users/3 \
  -H "Authorization: Bearer YOUR_API_KEY"

GET /v1/admin/invites

List all invitation records on the instance, regardless of status (pending or claimed).

Response Fields

invites
array
curl https://your-instance.com/api/v1/admin/invites \
  -H "Authorization: Bearer YOUR_API_KEY"

POST /v1/admin/invite/new

Generate a new invitation code. Optionally pre-assign the new user to specific workspaces.

Body Parameters

workspaceIds
array
Array of workspace database IDs to automatically grant the invitee access to when they register. Example: [1, 2, 45].

Response Fields

invite
object
error
string | null
null on success or an error description.
curl -X POST https://your-instance.com/api/v1/admin/invite/new \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"workspaceIds": [1, 2]}'

DELETE /v1/admin/invite/{id}

Deactivate (soft-delete) an invite by its ID. The invite code becomes invalid but the record is preserved for auditing.

Path Parameters

id
string
required
Database ID of the invite to deactivate.

Response Fields

success
boolean
Whether the invite was deactivated.
error
string | null
null on success or an error message.
curl -X DELETE https://your-instance.com/api/v1/admin/invite/7 \
  -H "Authorization: Bearer YOUR_API_KEY"

POST /v1/admin/workspace-chats

Retrieve all chat messages from across the entire system, ordered by most recent. Results are paginated via an offset parameter.

Body Parameters

offset
integer
Page offset for pagination. Each page returns up to the system default number of chats. Omit for the first page.

Response Fields

success
boolean
Request status.
error
string | null
null on success.
curl -X POST https://your-instance.com/api/v1/admin/workspace-chats \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"offset": 0}'

POST /v1/admin/preferences

Update instance-wide multi-user preferences. Requires multi-user mode to be enabled. Only the keys you supply will be changed.

Body Parameters

support_email
string
Support contact email shown to users within the interface.

Response Fields

success
boolean
Whether preferences were updated.
error
string | null
null on success or an error message.
curl -X POST https://your-instance.com/api/v1/admin/preferences \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"support_email": "support@example.com"}'

GET /v1/admin/workspaces/{workspaceId}/users

Retrieve the list of users who have explicit permission to access a specific workspace.

Path Parameters

workspaceId
string
required
Database ID of the workspace to inspect.

Response Fields

users
array
curl https://your-instance.com/api/v1/admin/workspaces/5/users \
  -H "Authorization: Bearer YOUR_API_KEY"

POST /v1/admin/workspaces/{workspaceSlug}/manage-users

Add users to a workspace’s allowed list. By default this is an additive operation; pass reset: true to replace the entire permission list.

Path Parameters

workspaceSlug
string
required
Slug of the workspace to modify.

Body Parameters

userIds
array
required
Array of user database IDs to grant access to the workspace.
reset
boolean
When true, the existing user list is cleared and replaced with the provided userIds. Defaults to false (additive).

Response Fields

success
boolean
Whether the operation succeeded.
error
string | null
null on success or an error message.
users
array
Updated list of users with access, each including userId, username, and role ("admin" or "default").
curl -X POST https://your-instance.com/api/v1/admin/workspaces/product-docs/manage-users \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "userIds": [1, 2, 4],
    "reset": false
  }'

GET /v1/users

List all users on the instance. Available in the User Management API (does not require admin role in single-user mode).

Response Fields

users
array
curl https://your-instance.com/api/v1/users \
  -H "Authorization: Bearer YOUR_API_KEY"

GET /v1/users/{id}/issue-auth-token

Issue a short-lived authentication token for a specific user. The returned token and login path can be used to implement SSO-style “log in as user” flows without requiring the user’s password.

Path Parameters

id
string
required
Database ID of the user to issue a token for.

Response Fields

token
string
The temporary authentication token.
loginPath
string
Ready-to-use login path including the token as a query parameter (e.g. /sso/simple?token=1234567890).
curl https://your-instance.com/api/v1/users/2/issue-auth-token \
  -H "Authorization: Bearer YOUR_API_KEY"

Build docs developers (and LLMs) love