Shared Session Authentication lets you use existing session data from your user’s browser to authenticate your documentation.

Setup

1

Create User Info API

Create an API endpoint that:

  • Uses your existing session authentication
  • Returns user data in the UserInfo format
  • Includes proper CORS headers if your API and docs domains differ: 
    Access-Control-Allow-Origin: your-docs-domain.com
Access-Control-Allow-Credentials: true

Only enable these CORS settings on your user info endpoint, not across all API routes.

2

Configure Settings

Add your API URL and Login URL in your Mintlify dashboard settings.

Example Setup

Your setup will depend on where your dashboard and docs are hosted:

  • Different Subdomains: For dashboard at dash.example.com and docs at docs.example.com

    API Endpoint: https://dash.example.com/api/docs/user-info
CORS Origin: https://docs.example.com

  • Dashboard Subdomain, Docs at Root: For dashboard at dash.example.com and docs at example.com/docs

    API Endpoint: https://dash.example.com/api/docs/user-info
CORS Origin: https://example.com

  • Same Domain: For dashboard at example.com/dashboard and docs at example.com/docs

    API Endpoint: https://example.com/api/docs/user-info

Was this page helpful?

Choosing an Auth MethodJWT Auth