Confirming API Access to Authoring Limit Site Settings

I’m working on an integration that publishes and syncs companion topics into Discourse via the API. For setup diagnostics, I’d like to read the forum’s current authoring limits so the integration can preflight content before attempting to create or update topics.

The settings I’m trying to confirm access for include:

min_topic_title_length
max_topic_title_length
min_first_post_length
min_post_length
max_post_length
max_tags_per_topic
max_tag_length
tagging_enabled
create_tag_allowed_groups
tag_topic_allowed_groups

I first checked /site.json, which is accessible and useful for public capability hints, but it does not appear to expose these concrete authoring-limit settings.

With an API key for a non-admin bot user, these returned 404:

/site_settings.json
/admin/site_settings.json
/admin/site_settings

After making the bot user an admin, these worked:

/admin/site_settings.json
/admin/site_settings

Using headers:

Accept: application/json
Api-Key: ...
Api-Username: discussbridge-bot
X-Requested-With: XMLHttpRequest

/site_settings.json still returned 404.

My questions:

  1. Is /admin/site_settings.json the expected API path for reading current site settings?
  2. Is admin user permission required, or is there a supported read-only/granular API scope for this?
  3. Is /site_settings.json deprecated, plugin-dependent, or not expected to exist?
  4. For integrations, is the recommended pattern to use an admin-capable diagnostics/setup key for reading settings, while using a less-privileged publishing key for normal topic/post sync work?

The goal is not to change settings via API, only to read them during setup diagnostics so the integration

  1. It’s /admin/site_settings.json

  2. You need to be an admin, except for settings that have client: true, those can be found in /site/settings.json

All settings you need, except for the last two, can be found in /site/settings.json.

But for allowed groups, the mechanism works differently: if you request /site.json as a specific user, you can inspect can_tag_topics and can_create_tags.

  1. AFAIK /site_settings.json never existed.

  2. I think that, for your specific use case, you can get away with a regular user and using the pattern under #2.