Wiki.js GraphQL API
Wiki.js is a powerful open-source wiki platform with a GraphQL API for managing pages, assets, users, navigation trees, and search. Designed for self-hosted deployment on any cloud or on-premises infrastructure with markdown-first content storage.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
TLS depends on deployer — Wiki.js itself doesn't enforce HTTPS, requiring a reverse proxy (nginx, Caddy). API tokens have no scope restrictions or expiry by default. Token security is operator-managed. No IP allowlisting. For security-sensitive deployments, place Wiki.js behind a VPN and use network-level access controls.
⚡ Reliability
Best When
Your team self-hosts a knowledge base and needs full data ownership with a GraphQL API for agent-driven documentation automation, especially in air-gapped or privacy-sensitive environments.
Avoid When
You need a managed SaaS wiki with zero ops overhead, or your team is already on Confluence or Notion.
Use Cases
- • Querying internal wiki pages for RAG pipelines and documentation-grounded agent responses
- • Creating and updating wiki pages with agent-generated content (runbooks, post-mortems, ADRs)
- • Searching wiki content for employee self-service knowledge agents
- • Automating documentation publication from CI/CD pipelines via GraphQL mutations
- • Managing user access and page permissions programmatically for onboarding automation
Not For
- • Teams without self-hosting infrastructure (Wiki.js requires a server/container)
- • Cloud-SaaS-only environments unwilling to manage infrastructure
- • High-traffic public documentation sites needing CDN-backed delivery
- • Non-technical teams needing zero-maintenance documentation platforms
Interface
Authentication
API access tokens are created per user in Wiki.js admin panel. Tokens are passed as Authorization: Bearer header. No OAuth or fine-grained scope control — tokens inherit the creating user's role and permissions. Create a dedicated service account with a minimal role for agent access.
Pricing
Fully free and open-source. Infrastructure costs are self-managed. DigitalOcean, Fly.io, or Docker deployment is common. No SaaS pricing model.
Agent Metadata
Known Gotchas
- ⚠ GraphQL mutations return a ResponseStatus object with succeeded and errorCode fields — HTTP 200 is returned even for failures; agents must check the response body
- ⚠ Page content must be submitted in the correct content type (markdown, html, etc.) matching the page editor — mixing types corrupts content
- ⚠ Page paths are hierarchical strings (e.g., /engineering/runbooks/deploy) — creating nested paths requires parent pages to exist first
- ⚠ No built-in search API in GraphQL for full-text content search — requires Elasticsearch or PostgreSQL FTS to be configured; agents should verify search is enabled
- ⚠ API tokens have no expiry by default — rotation requires manual admin action; leaked tokens are persistent until manually revoked
- ⚠ Wiki.js v3 (Docs) is a complete rewrite with incompatible API — verify which major version is deployed before writing agent code
- ⚠ No webhooks in core Wiki.js — event-driven agents must poll for changes or use database triggers
- ⚠ Page locale is required for all page operations — multilingual wikis require locale-aware queries
Alternatives
Full Evaluation Report
Detailed scoring breakdown, competitive positioning, security analysis, and improvement recommendations for Wiki.js GraphQL API.
Scores are editorial opinions as of 2026-03-06.