Was this page helpful?
API & Keys
API Key Management
API keys authenticate every request to the Zephex MCP endpoint. Create separate keys per environment, rotate them regularly, and revoke instantly if one is exposed.
CREATING KEYS
Create keys from Dashboard → API Keys. Each key is shown once at creation — copy it immediately. The dashboard only stores a SHA-256 hash after that point, so the plain-text key cannot be retrieved later.
The complete key secret is revealed only once. Copy and store it immediately (password manager, 1Password, or environment variable).
KEY FORMAT
Keys follow the pattern: mcp_<env>_{word}-{number}.{secret}
Examples:
• mcp_dev_local-01.abc123... — development
• mcp_prod_api-01.xyz789... — production
ONE KEY PER ENVIRONMENT
Use separate keys for local development, staging, and production. If a development key leaks in a commit, you revoke only that key without disrupting production. Each key inherits the rate limits from your plan — they share the same monthly quota.
KEY ROTATION
To rotate a key: create a new key first, update your editor config to use the new key, verify the connection works, then revoke the old key. This ensures zero downtime during rotation.
- Create a new key in the dashboard
- Update your editor config with the new key
- Restart your editor and verify 10 tools appear
- Revoke the old key from the dashboard
REVOKING KEYS
Revocation is instant. Once revoked, any request using that key returns an authentication error immediately. There is no grace period. If you accidentally committed a key to git, revoke it and create a new one — do not assume the exposure window was too short to matter.
SECURITY BEST PRACTICES
- Never commit API keys to version control — use environment variables or editor-level secrets
- Use VS Code's
promptStringinput to avoid storing keys in config files - Rotate keys every 90 days as a baseline policy
- Monitor usage in the dashboard — unexpected spikes may indicate a leaked key
- Use the minimum number of keys needed — fewer keys means fewer to track