Public API
Automate everything that repeats.
REST API and webhooks for every mekyn endpoint — content, SEO reports, leads, builds, domain actions. Build your own tools, sync to Notion or Slack, or use mekyn as the backend of your stack.
Six building blocks for automation
-
REST API
Fully documented REST endpoints for CRUD on Sites, Pages, Blocks, Domains, Leads — JSON in, JSON out.
-
Webhooks
Events: site.published, lead.received, seo.report.ready, backlink.detected, social.posted — signed with HMAC-SHA256.
-
OAuth 2.0
Token-based authentication with scopes (read:sites, write:pages, manage:leads). Token rotation per click.
-
Rate Limits Transparent
1,000 requests/hour in Business plan, 10,000 in Enterprise. Header X-RateLimit-* shows remaining quota.
-
OpenAPI Specification
Full OpenAPI 3.1 spec — automatically generates type-safe clients in TypeScript, Python, Go, Ruby.
-
GraphQL (Roadmap)
GraphQL endpoint planned for Q4 2026. REST stays available in parallel — no breaking changes.
Example workflows.
Four use cases our beta testers are already running.
-
CMS Sync from Notion
A cron job reads your Notion pages and pushes content as mekyn blocks to the CMS. Notion is source, mekyn is frontend.
-
Lead Stream to Slack
Webhook "lead.received" pings a Slack channel with lead details and direct link to lead in mekyn.
-
SEO Report in Looker Studio
Daily cron pulls SEO metrics via API and pushes to BigQuery — Looker visualizes.
-
Auto-Deploy on Git Push
GitHub Action calls API endpoint "site.rebuild" — build starts, site is live in 30 seconds.
Example · cURL
curl https://api.mekyn.com/v1/sites \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json"
# {
# "data": [
# { "id": "smith-plumbing", "domain": "smithplumbing.com", "status": "live" },
# { "id": "dr-jones-clinic", "domain": "drjonesclinic.com", "status": "live" }
# ],
# "meta": { "total": 2, "page": 1 }
# }Frequently Asked Questions
-
In which plans is the API included?
Read-only access from Professional plan. Write access and webhooks from Business plan. Higher rate limits and SLA from Enterprise.
-
Where do I find the documentation?
The OpenAPI spec is at <a href="https://api.mekyn.com/openapi.json" class="underline">api.mekyn.com/openapi.json</a>, interactive docs at <a href="https://docs.mekyn.com/api" class="underline">docs.mekyn.com/api</a>. Both endpoints are in build — early access goes through personal onboarding.
-
Are webhooks reliable?
Yes. On error response (>=500 or timeout) we retry with exponential backoff up to 24 hours. Failed payloads land in a dead letter queue you can view in the dashboard.
-
What about rate limits?
Business: 1,000/h. Enterprise: 10,000/h, individual increases possible. Headers X-RateLimit-Limit / X-RateLimit-Remaining / X-RateLimit-Reset show status. On exceed: HTTP 429 with Retry-After.
-
Is the API GDPR-compliant?
Yes. All endpoints run exclusively on US/EU servers (configurable). Audit logs of all API calls are kept 90 days. Personal data in webhook payloads is encrypted at-rest.
Ready for API access?
Included from Business plan. Early access to new endpoints through personal onboarding.