> ## Documentation Index
> Fetch the complete documentation index at: https://docs.creatoraudit.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Manage API keys

> Create, rename, disable, and delete bearer tokens for the CreatorAudit API, and connect AI agents over MCP with the in-product helper.

API keys are the bearer credentials for the [public API](/api-reference/introduction). A key lets you pull the same accounts, creators, videos, and analytics you see in the dashboard into your own tools. Open the **API keys** page from the **Tools** group in the sidebar to create and manage your keys.

## How keys authenticate

Send your key as a bearer token on every API request:

```bash theme={null}
curl https://api.creatoraudit.com/v2/whoami \
  -H "Authorization: Bearer YOUR_API_KEY"
```

A key is scoped to one **organization** — the workspace you're in when you create it. It returns only that organization's data.

## Create a key

<Steps>
  <Step title="Open the API keys page">
    Go to **API keys** in the sidebar.
  </Step>

  <Step title="Name the key">
    Enter a name that describes where the key will be used — for example, the app or
    workflow that will hold it.
  </Step>

  <Step title="Generate it">
    Click **Generate key**. The full key is shown once in a modal with a copy button.
  </Step>

  <Step title="Copy and store it">
    Copy the key and store it somewhere safe, then acknowledge **I have copied** to close the modal.
  </Step>
</Steps>

<Warning>
  The full key is shown **only once**, at creation. After you close the modal you can't
  see it again — if you lose it, delete the key and create a new one. Treat a key like a
  password: never embed it in client-side code or commit it to source control.
</Warning>

## Connect to an AI agent (MCP)

The **API keys** page also shows a **Connect to an AI agent (MCP)** helper card, and the same helper appears inside the key-created dialog right after you generate a key. Use it to wire up the [hosted MCP server](/agents/mcp) without copy-pasting a key by hand.

The helper auto-selects the organization's active API key. If your org has no key yet, opening the helper **auto-creates one** for you — so every install command and deeplink it produces is already filled in with a working key.

Pick the client you use; the card gives you one method per client:

| Client                       | What the helper produces                                                           |
| ---------------------------- | ---------------------------------------------------------------------------------- |
| **Claude Code**              | A ready-to-run `claude mcp add … --header` command.                                |
| **Codex**                    | A ready-to-run `codex mcp add … --url` command.                                    |
| **VS Code**                  | A ready-to-run `code --add-mcp` command.                                           |
| **Cursor**                   | A one-click **Add to Cursor** deeplink that installs the server in Cursor.         |
| **Claude Desktop / ChatGPT** | The connector URL with `?api_key=…` to paste into the client's "add connector" UI. |

Copy the command (or click the deeplink), run or paste it into your client, then restart the client. See [Connect via MCP](/agents/mcp) for the full setup, transport details, and which scopes each tool needs.

<Tip>
  Because the helper substitutes the key for you, you never need to reveal or copy the
  raw key to connect an agent. The masked key on the page is still useful for spotting
  which key a connector is using.
</Tip>

## Manage existing keys

Keys are listed in **Enabled** and **Disabled** sections. Each card shows:

* The **name** — click to edit it inline.
* The **status** — enabled or disabled.
* A **masked key** with a copy button.
* **Last used** — when the key last made a request.
* **Created** — when you generated it.

### Disable vs. delete

* **Disable** — toggle a key off to revoke its access immediately without removing it. Re-enable it later to restore access. Use this to rotate or temporarily cut off a key.
* **Delete** — remove a key permanently. You're asked to confirm, and you're warned if the key was used in the last 24 hours, since deleting it will break whatever is still calling the API with it.

## Related

<Columns cols={2}>
  <Card title="Authentication" icon="lock" href="/api-reference/authentication">
    How bearer authentication works and what an invalid key returns.
  </Card>

  <Card title="Quickstart" icon="rocket" href="/quickstart">
    Use your new key to make a first authenticated request.
  </Card>
</Columns>
