> For the complete documentation index, see [llms.txt](https://docs.allmcp.co/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.allmcp.co/api-reference/api-keys.md). # API Keys AllMCP uses API keys to authenticate requests and identify the client making the call. *** ## Getting a key {% stepper %} {% step %} #### Sign up and open the dashboard Sign up or log in at [allmcp.co/login](https://allmcp.co/login), then go to Dashboard → **API Keys** → **Create key**. {% endstep %} {% step %} #### Copy your key Keys look like: ``` allmcp_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx ``` {% endstep %} {% endstepper %} *** ## How to pass the key Both methods work identically. `X-API-Key` is preferred because it's more explicit and avoids confusion with other Bearer token schemes. {% tabs %} {% tab title="X-API-Key header (preferred)" %} ``` X-API-Key: allmcp_xxxxx ``` {% endtab %} {% tab title="Authorization Bearer" %} ``` Authorization: Bearer allmcp_xxxxx ``` {% endtab %} {% endtabs %} *** ## Key types All key types look the same (`allmcp_...`). The difference is in what tenants are scoped to the key — configured in the AllMCP dashboard. | Type | Usage | | ---------------- | ------------------------------------------------------------------------------------- | | **Solo key** | One developer, one user. Used in Claude Desktop, Cursor, personal agents. | | **Client key** | One company, multiple users. Your team connects with `?user_id=`. | | **Platform key** | One platform, multiple orgs + users. Multi-tenant SaaS. Use `?org_id=` + `?user_id=`. | {% hint style="info" icon="layer-group" %} **Tenant scoping is set per key.** See [multi-tenancy.md](/api-reference/multi-tenancy.md) for how Solo, 2-level, and 3-level modes map to these key types. {% endhint %} *** ## Key security {% hint style="danger" icon="lock" %} **Treat your key like a password.** AllMCP stores keys securely and cannot show you a key again after you create it, so save it somewhere safe. If a key is lost or compromised, revoke it from the dashboard and issue a new one. {% endhint %} In code, load keys from environment variables, not hardcoded strings: {% code title="example.py" %} ```python import os api_key = os.environ["ALLMCP_API_KEY"] ``` {% endcode %} In `.env`: {% code title=".env" %} ``` ALLMCP_API_KEY=allmcp_xxxxx ``` {% endcode %} *** ## Key scoping in config files {% hint style="warning" icon="shield-halved" %} **Never commit API keys to version control.** For MCP client config files that contain keys, add them to `.gitignore` — or use environment variable interpolation where your client supports it. {% endhint %} {% code title=".gitignore" %} ```bash # .gitignore .cursor/mcp.json .vscode/mcp.json ``` {% endcode %} *** ## Rate limits and quotas Rate limits are per API key and per provider. Provider-level limits (e.g., Bitrix24's \~2 req/sec per webhook) are enforced by the provider, not AllMCP. AllMCP itself does not impose additional rate limits at this time. *** ## See also {% content-ref url="/pages/tDYGirSC1ljwIlfeJcip" %} [Multi-Tenancy](/api-reference/multi-tenancy.md) {% endcontent-ref %} {% content-ref url="/pages/FeEzNlmNc9WJlDDyelEN" %} [System Tools](/api-reference/system-tools.md) {% endcontent-ref %} --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.allmcp.co/api-reference/api-keys.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.