Authentication - Manus Enterprise API

^{Questions or issues? Contact us at api-support@manus.ai.} All team v2 APIs use an enterprise API key issued from Compliance settings, sent in the X-API-Key header. Only Tenant Owners can issue these keys.

Get an enterprise API key

Open Compliance settings

Select a key type

Choose the key type that matches the product you want to use. Each key type is scoped to a specific surface and cannot be used outside it.

Key type	Purpose	Expiry
e-Discovery & legal hold	Enterprise Data Export	optional
SIEM	Enterprise SIEM Integrations — export audit events (Tier 1 metadata; Tier 2 payloads)	optional
Team User Management	Team User Management (provision / update / offboard members from your IDP)	optional, max 365 days
Team Asset Audit	Shared Team Asset Governance — read-only DSPM enumeration (team.asset.list)	optional
Team Asset Management	Shared Team Asset Governance — admin override of share scope (team.asset.update_scope); also accepted on team.asset.list since write access implicitly includes read	optional

Create and copy the key

Generate a new key with a descriptive label (e.g. “sailpoint-prod-2026-q2”). Copy it immediately — it is shown only once. Store it in a secrets manager.

Enterprise API keys grant access to all users’ data within your enterprise (and, for Team User Management keys, the ability to add / remove members). Treat them as highly sensitive credentials. Rotate keys periodically and revoke any key that may have been exposed.

Use the API key

Include the key in the X-API-Key header on every request:

cURL
Python
TypeScript

curl --location --request POST 'https://api.manus.im/v2/enterprise.export.create' \
  --header 'X-API-Key: <your-api-key>' \
  --header 'Content-Type: application/json' \
  --data-raw '{
    "user_id": "114504",
    "scope": "ENTERPRISE_EXPORT_SCOPE_FULL",
    "include_files": true,
    "reason": "compliance audit"
  }'

import os
import requests

response = requests.post(
    "https://api.manus.im/v2/enterprise.export.create",
    headers={
        "X-API-Key": os.environ["MANUS_ENTERPRISE_API_KEY"],
        "Content-Type": "application/json",
    },
    json={
        "user_id": "114504",
        "scope": "ENTERPRISE_EXPORT_SCOPE_FULL",
        "include_files": True,
        "reason": "compliance audit",
    },
)
print(response.json())

const response = await fetch("https://api.manus.im/v2/enterprise.export.create", {
  method: "POST",
  headers: {
    "X-API-Key": process.env.MANUS_ENTERPRISE_API_KEY!,
    "Content-Type": "application/json",
  },
  body: JSON.stringify({
    user_id: "114504",
    scope: "ENTERPRISE_EXPORT_SCOPE_FULL",
    include_files: true,
    reason: "compliance audit",
  }),
});

const data = await response.json();
console.log(data);

Authentication errors

If the key is missing, invalid, or its key type does not match the endpoint being called, the API returns:

{
  "ok": false,
  "request_id": "req_abc123",
  "error": {
    "code": "unauthenticated",
    "message": "Invalid or missing enterprise API key"
  }
}

​Get an enterprise API key

​Use the API key

​Authentication errors

Get an enterprise API key

Use the API key

Authentication errors