Skip to main content
Developer keys, labeled MCP Keys in the app, are personal tokens that authenticate you to the MCP server. Use them for scripts, servers, and any client where the browser-based OAuth flow is not a fit. Each key begins with nkw_live_.

Create a key

1

Open the app

Sign in at nikiwa.com.
2

Open MCP Keys

Click your profile in the sidebar, then MCP Keys.
3

Create

Give the key a name, such as “trading-bot” or “research-notebook”, and create it.
4

Copy it now

The full key is shown once. Copy it and store it somewhere safe. Nikiwa never displays the full key again.
The raw key is revealed only at creation. After that, the app shows only a non-secret key prefix. If you lose a key, revoke it and create a new one. There is no way to recover the original secret.

Use a key

Add the key as a Bearer token in your MCP client’s config for the Nikiwa server:
MCP client config
{
  "mcpServers": {
    "nikiwa": {
      "url": "https://pro-api.nikiwa.com/mcp",
      "headers": {
        "Authorization": "Bearer nkw_live_YOUR_KEY"
      }
    }
  }
}
Exact config differs per client, but the essentials are always the same: the endpoint https://pro-api.nikiwa.com/mcp and an Authorization: Bearer header carrying your key.

Manage keys

From the MCP Keys panel you can see each key’s name, prefix, creation date, and when it was last used, along with its usage.

Revoking a key

Revoke a key from the same panel. Revocation is immediate: a revoked key stops authenticating to both the API and the MCP server at once. Revoke any key you suspect has leaked, then create a replacement.

Scope and limits

  • Scope: keys carry mcp:call, which authorizes the MCP server. The Tools API uses a separate api:call scope.
  • Rate limit: each key has its own per-minute rate limit, 60 requests per minute by default.
  • Metering: usage is tracked per key. See Usage & metering.
A key authenticates as you. Never commit one to source control or ship it in client-side or browser code, where users could extract it.