Docs · Browse sections

Authentication

Authenticate your requests.

Securely connect to the ContextStream API with API keys passed as bearer tokens. Same keys power MCP, REST, and SDK access.

Step 1

Obtaining your API key

  1. 01

    Sign up or log in to your account.

  2. 02

    Navigate to your dashboard and click on “API Keys”.

  3. 03

    Click “Create New Key” and give it a descriptive name.

  4. 04

    Copy your API key immediately — it won't be shown again.

Step 2

Using your API key

Include your API key in the Authorization header as a bearer token.

authorization header
Authorization: Bearer cs_live_xxxxxxxxxxxxxxxxxxxx

Alternatively, you can use the X-API-Key header.

x-api-key header
X-API-Key: cs_live_xxxxxxxxxxxxxxxxxxxx

Key types

Live keys vs test keys.

cs_live_*

Live keys

Production keys with full access to your workspaces and data. Use these in your production applications and MCP integrations.

cs_test_*

Test keys

Development keys that operate in a sandboxed environment. Data created with test keys is isolated and can be safely deleted.

Security

Security best practices

Keep your keys secure

Never expose API keys in client-side code, public repositories, or logs.

Store API keys in environment variables or secret managers

Use different keys for development and production

Rotate keys periodically and after any suspected compromise

Set up key restrictions by IP or domain when possible

Never commit API keys to version control

Never include keys in client-side JavaScript

Errors

Authentication errors

401Unauthorized

The API key is missing or invalid. Check that you're including the header correctly.

403Forbidden

The API key doesn't have permission for this action. Check your key's scope and workspace access.

Next steps

Keep going.

Quickstart guide

Make your first API call.

Read

MCP integration

Connect editors and agents to ContextStream over MCP.

Read