diff --git a/internal/config/options.go b/internal/config/options.go
index 368c0816..6ed1b12c 100644
--- a/internal/config/options.go
+++ b/internal/config/options.go
@@ -90,6 +90,7 @@ const (
 	defaultWatchdog                           = true
 	defaultInvidiousInstance                  = "yewtu.be"
 	defaultWebAuthn                           = false
+	defaultDisableAPI                         = false
 )
 
 var defaultHTTPClientUserAgent = "Mozilla/5.0 (compatible; Miniflux/" + version.Version + "; +https://miniflux.app)"
@@ -184,6 +185,7 @@ type options struct {
 	invidiousInstance                  string
 	mediaProxyPrivateKey               []byte
 	webAuthn                           bool
+	API                                bool
 }
 
 // NewOptions returns Options with default values.
@@ -264,6 +266,7 @@ func NewOptions() *options {
 		invidiousInstance:                  defaultInvidiousInstance,
 		mediaProxyPrivateKey:               crypto.GenerateRandomBytes(16),
 		webAuthn:                           defaultWebAuthn,
+		API:                                !defaultDisableAPI,
 	}
 }
 
@@ -677,6 +680,11 @@ func (o *options) WebAuthn() bool {
 	return o.webAuthn
 }
 
+// EnableAPI returns true if API is enabled
+func (o *options) EnableAPI() bool {
+	return o.API
+}
+
 // FilterEntryMaxAgeDays returns the number of days after which entries should be retained.
 func (o *options) FilterEntryMaxAgeDays() int {
 	return o.filterEntryMaxAgeDays
diff --git a/internal/config/parser.go b/internal/config/parser.go
index f1fdf5ab..e6ef6f54 100644
--- a/internal/config/parser.go
+++ b/internal/config/parser.go
@@ -260,6 +260,8 @@ func (p *parser) parseLines(lines []string) (err error) {
 			p.opts.invidiousInstance = parseString(value, defaultInvidiousInstance)
 		case "WEBAUTHN":
 			p.opts.webAuthn = parseBool(value, defaultWebAuthn)
+		case "DISABLE_API":
+			p.opts.API = !parseBool(value, defaultDisableAPI)
 		}
 	}
 
diff --git a/internal/http/server/httpd.go b/internal/http/server/httpd.go
index 32bf2275..a0535e9d 100644
--- a/internal/http/server/httpd.go
+++ b/internal/http/server/httpd.go
@@ -243,7 +243,9 @@ func setupHandler(store *storage.Storage, pool *worker.Pool) *mux.Router {
 
 	fever.Serve(subrouter, store)
 	googlereader.Serve(subrouter, store)
-	api.Serve(subrouter, store, pool)
+	if config.Opts.EnableAPI() {
+		api.Serve(subrouter, store, pool)
+	}
 	ui.Serve(subrouter, store, pool)
 
 	subrouter.HandleFunc("/healthcheck", readinessProbe).Name("healthcheck")
diff --git a/internal/template/templates/common/settings_menu.html b/internal/template/templates/common/settings_menu.html
index 1118483a..dfbb35f2 100644
--- a/internal/template/templates/common/settings_menu.html
+++ b/internal/template/templates/common/settings_menu.html
@@ -7,9 +7,11 @@
         <li>
             <a href="{{ route "integrations" }}">{{ icon "third-party-services" }}{{ t "menu.integrations" }}</a>
         </li>
+        {{ if .apiEnabled }}
         <li>
             <a href="{{ route "apiKeys" }}">{{ icon "api" }}{{ t "menu.api_keys" }}</a>
         </li>
+        {{ end }}
         <li>
             <a href="{{ route "sessions" }}">{{ icon "sessions" }}{{ t "menu.sessions" }}</a>
         </li>
diff --git a/internal/ui/ui.go b/internal/ui/ui.go
index 0a7187f3..b4d72226 100644
--- a/internal/ui/ui.go
+++ b/internal/ui/ui.go
@@ -132,10 +132,12 @@ func Serve(router *mux.Router, store *storage.Storage, pool *worker.Pool) {
 	uiRouter.HandleFunc("/sessions/{sessionID}/remove", handler.removeSession).Name("removeSession").Methods(http.MethodPost)
 
 	// API Keys pages.
-	uiRouter.HandleFunc("/keys", handler.showAPIKeysPage).Name("apiKeys").Methods(http.MethodGet)
-	uiRouter.HandleFunc("/keys/{keyID}/delete", handler.deleteAPIKey).Name("deleteAPIKey").Methods(http.MethodPost)
-	uiRouter.HandleFunc("/keys/create", handler.showCreateAPIKeyPage).Name("createAPIKey").Methods(http.MethodGet)
-	uiRouter.HandleFunc("/keys/save", handler.saveAPIKey).Name("saveAPIKey").Methods(http.MethodPost)
+	if config.Opts.EnableAPI() {
+		uiRouter.HandleFunc("/keys", handler.showAPIKeysPage).Name("apiKeys").Methods(http.MethodGet)
+		uiRouter.HandleFunc("/keys/{keyID}/delete", handler.deleteAPIKey).Name("deleteAPIKey").Methods(http.MethodPost)
+		uiRouter.HandleFunc("/keys/create", handler.showCreateAPIKeyPage).Name("createAPIKey").Methods(http.MethodGet)
+		uiRouter.HandleFunc("/keys/save", handler.saveAPIKey).Name("saveAPIKey").Methods(http.MethodPost)
+	}
 
 	// OPML pages.
 	uiRouter.HandleFunc("/export", handler.exportFeeds).Name("export").Methods(http.MethodGet)
diff --git a/internal/ui/view/view.go b/internal/ui/view/view.go
index 302a6fdb..f9745e3e 100644
--- a/internal/ui/view/view.go
+++ b/internal/ui/view/view.go
@@ -45,5 +45,6 @@ func New(tpl *template.Engine, r *http.Request, sess *session.Session) *view {
 		"app_js_checksum":   static.JavascriptBundles["app"].Checksum,
 		"sw_js_checksum":    static.JavascriptBundles["service-worker"].Checksum,
 		"webAuthnEnabled":   config.Opts.WebAuthn(),
+		"apiEnabled":        config.Opts.EnableAPI(),
 	}}
 }
diff --git a/miniflux.1 b/miniflux.1
index 374e5258..8078dc17 100644
--- a/miniflux.1
+++ b/miniflux.1
@@ -235,6 +235,11 @@ Path to a secret key exposed as a file, it should contain $DATABASE_URL value\&.
 .br
 Default is empty\&.
 .TP
+.B API
+Enable or disable miniflux' API\&.
+.br
+Default is enabled\&.
+.TP
 .B DISABLE_HSTS
 Disable HTTP Strict Transport Security header if \fBHTTPS\fR is set\&.
 .br