Webenta Index / Docs
Pricing Changelog Sign in
Access & security

API keys

Per-project or global; bearer or OAuth; read-only or read/write.

Go to Account → API Keys and click + New global key. Create as many keys as you like — each can be revoked instantly without affecting others.

#Scopes

  • Per-project — locked to one project. The agent can only read and write data inside that project. Default for free plans.
  • Global — works across every project on the account and can create new ones. Paid plans only.
  • Read-only vs Read/write — pick at creation time. Give your agent read/write; share read-only keys if you want others to query your data without touching it.

#Where to paste the key

  • Claude Code — pass it as a bearer token in the claude mcp add command.
  • Cursor, VS Code, Windsurf, Gemini CLI — add it as an Authorization: Bearer header in the JSON config.
  • Claude.ai — uses OAuth. Paste the key as the OAuth Client Secret when adding the connector. Any string works for the Client ID — it's just a label.

#Rotating a key

Create a new key, update it in your agent config, then revoke the old one. There is no in-place rotation — the old key stays valid until you explicitly delete it, so you can roll deployments without downtime.

Treat keys like passwords
Never commit keys to git. Use your runtime's secrets store or an environment variable. Rotate immediately if a key is ever exposed.
← Previous Dashboards Next → Usage & logs