Shared Session Authentication lets you use existing session data from your user’s browser to authenticate your documentation.

Setup

1

Create User Info API

Create an API endpoint that:
  • Uses your existing session authentication
  • Returns user data in the UserInfo format
  • Includes proper CORS headers if your API and docs domains differ: 
    Access-Control-Allow-Origin: your-docs-domain.com
Access-Control-Allow-Credentials: true
Only enable these CORS settings on your user info endpoint, not across all API routes.
2

Configure Settings

Add your API URL and Login URL in your Mintlify dashboard settings.

Example Setup

Your setup will depend on where your dashboard and docs are hosted:
  • Different Subdomains: For dashboard at dash.example.com and docs at docs.example.com 
    API Endpoint: https://dash.example.com/api/docs/user-info
CORS Origin: https://docs.example.com
  • Dashboard Subdomain, Docs at Root: For dashboard at dash.example.com and docs at example.com/docs 
    API Endpoint: https://dash.example.com/api/docs/user-info
CORS Origin: https://example.com
  • Same Domain: For dashboard at example.com/dashboard and docs at example.com/docs 
    API Endpoint: https://example.com/api/docs/user-info