Documentation
Reference for how DataMint works — connections, templates, access, scheduling, and security.
Connections
A connection is an encrypted link to one of your databases (MongoDB or PostgreSQL). DataMint connects read-only and never stores your data. Connect with a least-privilege read-only user; for managed Postgres (Neon/RDS) append ?sslmode=require.
Templates
A template defines a report: source collection/table, included fields, base filters, viewer-exposed filters, optional joins, value transforms, and an optional chart. Field paths support dotted access (e.g. user.email).
Exposed filters
Declare filters viewers can change at run time — string, number, boolean, date, date-range, or multiselect. Base filters always apply; exposed ones merge on top.
Access & sharing
Templates are visible to all org viewers until you grant a specific person — then they become restricted to granted users (admins/builders always see everything). You can also invite a non-member by email to one template, or create a token-gated public link that needs no login.
Exports & limits
Exports stream as Excel-safe CSV. Hard caps: 100,000 rows, 30-second query timeout, and a per-org export rate limit. These are not user-configurable.
Scheduling
Schedules run a template on a cron (with timezone) and email the CSV to recipients. Each run is logged with status, row count, and duration — see a schedule's History.
Security model
- Read-only query allowlist enforced at the driver.
- Connection strings encrypted at rest (AES-256-GCM); never returned to the browser or logged.
- Every metadata query is organization-scoped; outbound DB targets are checked against an SSRF blocklist.
- JWT auth with short-lived tokens; rate limiting on auth and exports.
Need more?
Check the FAQ or open a ticket from Help inside the app.