Install
openclaw skills install netlify-apiNetlify
Netlify API integration with managed OAuth. View sites, deploys, builds, DNS zones, and environment variables. Use this skill when users want to view Netlify site information, check deploy status, or review build logs. Write operations (creating sites, triggering builds, modifying DNS or env vars) require explicit user approval with specific resource identifiers. For other third party apps, use the api-gateway skill (https://clawhub.ai/byungkyu/api-gateway). Requires network access and valid Maton API key.
Audits
PassNetlify
Access the Netlify API with managed OAuth authentication. View sites, deploys, builds, DNS zones, environment variables, and webhooks. Administrative write operations require explicit approval.
Quick Start
# List all sites
python <<'EOF'
import urllib.request, os, json
req = urllib.request.Request('https://api.maton.ai/netlify/api/v1/sites')
req.add_header('Authorization', f'Bearer {os.environ["MATON_API_KEY"]}')
print(json.dumps(json.load(urllib.request.urlopen(req)), indent=2))
EOF
Base URL
https://api.maton.ai/netlify/{native-api-path}
The gateway proxies requests to api.netlify.com and automatically injects your OAuth token. Only the endpoints documented in this skill are supported — always use specific endpoint paths from the API Reference section below rather than constructing arbitrary paths.
Authentication
All requests require the Maton API key in the Authorization header:
Authorization: Bearer $MATON_API_KEY
Environment Variable: Set your API key as MATON_API_KEY:
export MATON_API_KEY="YOUR_API_KEY"
Getting Your API Key
- Sign in or create an account at maton.ai
- Go to maton.ai/settings
- Copy your API key
Connection Management
Manage your Netlify OAuth connections at https://api.maton.ai.
List Connections
python <<'EOF'
import urllib.request, os, json
req = urllib.request.Request('https://api.maton.ai/connections?app=netlify&status=ACTIVE')
req.add_header('Authorization', f'Bearer {os.environ["MATON_API_KEY"]}')
print(json.dumps(json.load(urllib.request.urlopen(req)), indent=2))
EOF
Create Connection
python <<'EOF'
import urllib.request, os, json
data = json.dumps({'app': 'netlify'}).encode()
req = urllib.request.Request('https://api.maton.ai/connections', data=data, method='POST')
req.add_header('Authorization', f'Bearer {os.environ["MATON_API_KEY"]}')
req.add_header('Content-Type', 'application/json')
print(json.dumps(json.load(urllib.request.urlopen(req)), indent=2))
EOF
Get Connection
python <<'EOF'
import urllib.request, os, json
req = urllib.request.Request('https://api.maton.ai/connections/{connection_id}')
req.add_header('Authorization', f'Bearer {os.environ["MATON_API_KEY"]}')
print(json.dumps(json.load(urllib.request.urlopen(req)), indent=2))
EOF
Response:
{
"connection": {
"connection_id": "{connection_id}",
"status": "ACTIVE",
"creation_time": "2026-02-12T11:15:33.183756Z",
"last_updated_time": "2026-02-12T11:15:51.556556Z",
"url": "https://connect.maton.ai/?session_token=...",
"app": "netlify",
"metadata": {}
}
}
Open the returned url in a browser to complete OAuth authorization.
Delete Connection
python <<'EOF'
import urllib.request, os, json
req = urllib.request.Request('https://api.maton.ai/connections/{connection_id}', method='DELETE')
req.add_header('Authorization', f'Bearer {os.environ["MATON_API_KEY"]}')
print(json.dumps(json.load(urllib.request.urlopen(req)), indent=2))
EOF
Specifying Connection
If you have multiple Netlify connections, specify which one to use with the Maton-Connection header:
python <<'EOF'
import urllib.request, os, json
req = urllib.request.Request('https://api.maton.ai/netlify/api/v1/sites')
req.add_header('Authorization', f'Bearer {os.environ["MATON_API_KEY"]}')
req.add_header('Maton-Connection', '{connection_id}')
print(json.dumps(json.load(urllib.request.urlopen(req)), indent=2))
EOF
If you have multiple connections, always include this header to ensure requests go to the intended account.
Security & Permissions
- Access is scoped to sites, deploys, forms, submissions, and DNS within the connected Netlify account. Only install if you need Netlify administration. Prefer least-privilege OAuth access where available and review scopes before authorizing.
- Default to read-only operations. Always start by listing or retrieving resources to confirm account, site, and resource identifiers before proposing any changes.
- All write operations require explicit user approval with specific identifiers. Before executing any create, update, or delete call:
- Retrieve and display the target resource (site name/ID, deploy ID, DNS zone, env var key) so the user can verify.
- Clearly describe the intended effect (e.g., "This will delete site 'my-production-app' (site_id: abc123) and all its deploys").
- Wait for explicit user confirmation before proceeding.
- High-impact operations require extra caution. Deleting sites, modifying DNS zones/records, changing environment variables, and triggering production builds can affect live websites. These actions must include a summary of consequences and require confirmation.
- Prefer reversible actions. Use deploy locking over deletion, and rollback (restore deploy) over redeploying. Always confirm destructive operations like site deletion or DNS zone removal.
API Reference
User & Accounts
Get Current User
GET /netlify/api/v1/user
List Accounts
GET /netlify/api/v1/accounts
Get Account
GET /netlify/api/v1/accounts/{account_id}
Sites
List Sites
GET /netlify/api/v1/sites
With filtering:
GET /netlify/api/v1/sites?filter=all&page=1&per_page=100
Get Site
GET /netlify/api/v1/sites/{site_id}
Create Site
POST /netlify/api/v1/{account_slug}/sites
Content-Type: application/json
{
"name": "my-new-site"
}
Update Site
PUT /netlify/api/v1/sites/{site_id}
Content-Type: application/json
{
"name": "updated-site-name"
}
Delete Site
DELETE /netlify/api/v1/sites/{site_id}
Deploys
List Deploys
GET /netlify/api/v1/sites/{site_id}/deploys
Get Deploy
GET /netlify/api/v1/deploys/{deploy_id}
Create Deploy
POST /netlify/api/v1/sites/{site_id}/deploys
Content-Type: application/json
{
"title": "Deploy from API"
}
Lock Deploy
POST /netlify/api/v1/deploys/{deploy_id}/lock
Unlock Deploy
POST /netlify/api/v1/deploys/{deploy_id}/unlock
Restore Deploy (Rollback)
PUT /netlify/api/v1/deploys/{deploy_id}
Builds
List Builds
GET /netlify/api/v1/sites/{site_id}/builds
Get Build
GET /netlify/api/v1/builds/{build_id}
Trigger Build
POST /netlify/api/v1/sites/{site_id}/builds
Environment Variables
Environment variables are managed at the account level with optional site scope.
List Environment Variables
GET /netlify/api/v1/accounts/{account_id}/env?site_id={site_id}
Create Environment Variables
POST /netlify/api/v1/accounts/{account_id}/env?site_id={site_id}
Content-Type: application/json
[
{
"key": "MY_VAR",
"values": [
{"value": "my_value", "context": "all"}
]
}
]
Context values: all, production, deploy-preview, branch-deploy, dev
Update Environment Variable
PUT /netlify/api/v1/accounts/{account_id}/env/{key}?site_id={site_id}
Content-Type: application/json
{
"key": "MY_VAR",
"values": [
{"value": "updated_value", "context": "all"}
]
}
Delete Environment Variable
DELETE /netlify/api/v1/accounts/{account_id}/env/{key}?site_id={site_id}
DNS Zones
List DNS Zones
GET /netlify/api/v1/dns_zones
Create DNS Zone
POST /netlify/api/v1/dns_zones
Content-Type: application/json
{
"name": "example.com",
"account_slug": "my-account"
}
Get DNS Zone
GET /netlify/api/v1/dns_zones/{zone_id}
Delete DNS Zone
DELETE /netlify/api/v1/dns_zones/{zone_id}
DNS Records
List DNS Records
GET /netlify/api/v1/dns_zones/{zone_id}/dns_records
Create DNS Record
POST /netlify/api/v1/dns_zones/{zone_id}/dns_records
Content-Type: application/json
{
"type": "A",
"hostname": "www",
"value": "192.0.2.1",
"ttl": 3600
}
Delete DNS Record
DELETE /netlify/api/v1/dns_zones/{zone_id}/dns_records/{record_id}
Build Hooks
List Build Hooks
GET /netlify/api/v1/sites/{site_id}/build_hooks
Create Build Hook
POST /netlify/api/v1/sites/{site_id}/build_hooks
Content-Type: application/json
{
"title": "My Build Hook",
"branch": "main"
}
Response includes a url that can be POSTed to trigger a build.
Delete Build Hook
DELETE /netlify/api/v1/sites/{site_id}/build_hooks/{hook_id}
Webhooks
List Webhooks
GET /netlify/api/v1/hooks?site_id={site_id}
Create Webhook
POST /netlify/api/v1/hooks?site_id={site_id}
Content-Type: application/json
{
"type": "url",
"event": "deploy_created",
"data": {
"url": "https://example.com/webhook"
}
}
Events: deploy_created, deploy_building, deploy_failed, deploy_succeeded, form_submission
Delete Webhook
DELETE /netlify/api/v1/hooks/{hook_id}
Forms
List Forms
GET /netlify/api/v1/sites/{site_id}/forms
List Form Submissions
GET /netlify/api/v1/sites/{site_id}/submissions
Delete Form
DELETE /netlify/api/v1/sites/{site_id}/forms/{form_id}
Functions
List Functions
GET /netlify/api/v1/sites/{site_id}/functions
Services/Add-ons
List Available Services
GET /netlify/api/v1/services
Get Service Details
GET /netlify/api/v1/services/{service_id}
Pagination
Use page and per_page query parameters:
GET /netlify/api/v1/sites?page=1&per_page=100
Default per_page varies by endpoint. Check response headers for pagination info.
Code Examples
JavaScript
const response = await fetch(
'https://api.maton.ai/netlify/api/v1/sites',
{
headers: {
'Authorization': `Bearer ${process.env.MATON_API_KEY}`
}
}
);
const sites = await response.json();
Python
import os
import requests
response = requests.get(
'https://api.maton.ai/netlify/api/v1/sites',
headers={'Authorization': f'Bearer {os.environ["MATON_API_KEY"]}'}
)
sites = response.json()
Create Site and Set Environment Variable
import os
import requests
headers = {'Authorization': f'Bearer {os.environ["MATON_API_KEY"]}'}
# Create site
site = requests.post(
'https://api.maton.ai/netlify/api/v1/my-account/sites',
headers=headers,
json={'name': 'my-new-site'}
).json()
# Add environment variable
requests.post(
f'https://api.maton.ai/netlify/api/v1/accounts/{site["account_id"]}/env',
headers=headers,
params={'site_id': site['id']},
json=[{'key': 'API_KEY', 'values': [{'value': 'secret', 'context': 'all'}]}]
)
Notes
- Site IDs are UUIDs (e.g.,
d37d1ce4-5444-40f5-a4ca-a2c40a8b6835) - Account slugs are used for creating sites within a team (e.g.,
my-team-slug) - Deploy IDs are returned when creating deploys and can be used to track deploy status
- Build hooks return a URL that can be POSTed to externally trigger builds
- Environment variable contexts control where variables are available:
all,production,deploy-preview,branch-deploy,dev - IMPORTANT: When using curl commands, use
curl -gwhen URLs contain brackets to disable glob parsing - IMPORTANT: When piping curl output to
jqor other commands, environment variables like$MATON_API_KEYmay not expand correctly in some shell environments
Error Handling
| Status | Meaning |
|---|---|
| 400 | Missing Netlify connection |
| 401 | Invalid or missing Maton API key |
| 404 | Resource not found |
| 429 | Rate limited |
| 4xx/5xx | Passthrough error from Netlify API |
Troubleshooting: API Key Issues
- Check that the
MATON_API_KEYenvironment variable is set:
echo $MATON_API_KEY
- Verify the API key is valid by listing connections:
python <<'EOF'
import urllib.request, os, json
req = urllib.request.Request('https://api.maton.ai/connections')
req.add_header('Authorization', f'Bearer {os.environ["MATON_API_KEY"]}')
print(json.dumps(json.load(urllib.request.urlopen(req)), indent=2))
EOF
Troubleshooting: Invalid App Name
- Ensure your URL path starts with
netlify. For example:
- Correct:
https://api.maton.ai/netlify/api/v1/sites - Incorrect:
https://api.maton.ai/api/v1/sites