Modifold Documentation

Build with Modifold, with the docs you wish every API had.

Find the endpoint you need, copy a real request, check the required fields, and see the response before you wire it into your app.

Base URL


bash
https://api.modifold.com

Authentication

Protected endpoints require a Bearer token in the Authorization header:


bash
Authorization: Bearer YOUR_TOKEN

Modifold accepts two kinds of tokens:

Regular JWT tokens are created after signing in with Discord, Telegram, or GitHub. They are stored in the browser as authToken cookies or in localStorage, and are valid for 30 days by default.
Long-lived API tokens start with mf_ and are better for bots, scripts, CI/CD, and external apps. You can create and revoke them from API settings, with expiration options from 1 week to forever.

Keep tokens private. If a token is leaked, revoke it immediately. API tokens have the same permissions as regular JWT tokens.

Rate Limiting

All API requests are rate limited to 120 requests. Heavier endpoints, such as project listing or search-like routes, may use stricter limits.

Rate limit responses include standard headers:


bash
x-ratelimit-limit
x-ratelimit-remaining
x-ratelimit-reset

When the limit is exceeded, the API returns 429 Too Many Requests with a retry-after header. For retries, respect retry-after and use exponential backoff.

Quick Example


bash
curl -X GET "https://api.modifold.com/projects?search=box&limit=20"

Open Source

These docs are open-source. If you spot something outdated or want to improve an example, the source lives on GitHub:

modifold-website/code/tree/main/docs