Skip to main content
API keys are the bearer credentials for the public API. A key lets you pull the same accounts, creators, videos, and analytics you see in the dashboard into your own tools. Open the API keys page from the Tools group in the sidebar to create and manage your keys.

How keys authenticate

Send your key as a bearer token on every API request:
curl https://api.creatoraudit.com/v2/whoami \
  -H "Authorization: Bearer YOUR_API_KEY"
A key is scoped to one organization — the workspace you’re in when you create it. It returns only that organization’s data.

Create a key

1

Open the API keys page

Go to API keys in the sidebar.
2

Name the key

Enter a name that describes where the key will be used — for example, the app or workflow that will hold it.
3

Generate it

Click Generate key. The full key is shown once in a modal with a copy button.
4

Copy and store it

Copy the key and store it somewhere safe, then acknowledge I have copied to close the modal.
The full key is shown only once, at creation. After you close the modal you can’t see it again — if you lose it, delete the key and create a new one. Treat a key like a password: never embed it in client-side code or commit it to source control.

Connect to an AI agent (MCP)

The API keys page also shows a Connect to an AI agent (MCP) helper card, and the same helper appears inside the key-created dialog right after you generate a key. Use it to wire up the hosted MCP server without copy-pasting a key by hand. The helper auto-selects the organization’s active API key. If your org has no key yet, opening the helper auto-creates one for you — so every install command and deeplink it produces is already filled in with a working key. Pick the client you use; the card gives you one method per client:
ClientWhat the helper produces
Claude CodeA ready-to-run claude mcp add … --header command.
CodexA ready-to-run codex mcp add … --url command.
VS CodeA ready-to-run code --add-mcp command.
CursorA one-click Add to Cursor deeplink that installs the server in Cursor.
Claude Desktop / ChatGPTThe connector URL with ?api_key=… to paste into the client’s “add connector” UI.
Copy the command (or click the deeplink), run or paste it into your client, then restart the client. See Connect via MCP for the full setup, transport details, and which scopes each tool needs.
Because the helper substitutes the key for you, you never need to reveal or copy the raw key to connect an agent. The masked key on the page is still useful for spotting which key a connector is using.

Manage existing keys

Keys are listed in Enabled and Disabled sections. Each card shows:
  • The name — click to edit it inline.
  • The status — enabled or disabled.
  • A masked key with a copy button.
  • Last used — when the key last made a request.
  • Created — when you generated it.

Disable vs. delete

  • Disable — toggle a key off to revoke its access immediately without removing it. Re-enable it later to restore access. Use this to rotate or temporarily cut off a key.
  • Delete — remove a key permanently. You’re asked to confirm, and you’re warned if the key was used in the last 24 hours, since deleting it will break whatever is still calling the API with it.

Authentication

How bearer authentication works and what an invalid key returns.

Quickstart

Use your new key to make a first authenticated request.