Overview
API keys provide authentication for the Contox CLI, MCP server, VS Code extension, and any custom integration. Manage your keys from Settings > API Keys in the dashboard.
Creating a key
- Navigate to Settings > API Keys in the dashboard
- Click Create API Key
- Enter a descriptive name (e.g., "CLI - MacBook Pro" or "MCP Server - Work")
- Click Create
The full API key is displayed immediately after creation. Copy it now -- it will never be shown again. Keys are SHA-256 hashed before storage, so the original key cannot be retrieved afterwards.
Key format
API keys follow the format:
contox_sk_<random_characters>
The contox_sk_ prefix identifies it as a Contox secret key.
Viewing keys
The API Keys list shows all your keys with:
| Field | Description |
|---|---|
| Name | The descriptive name you assigned |
| Prefix | The first few characters of the key for identification |
| Last used | Timestamp of the most recent API call using this key |
| Created | When the key was created |
Using keys
CLI
Set the key as an environment variable or pass it during login:
contox login --key contox_sk_yourkey
MCP server
Configure the key in your MCP server settings:
{
  "mcpServers": {
    "contox": {
      "env": {
        "CONTOX_API_KEY": "contox_sk_yourkey"
      }
    }
  }
}
VS Code extension
Enter the key in the extension settings when prompted.
Direct API calls
Include the key in the Authorization header:
curl -H "Authorization: Bearer contox_sk_yourkey" \
  https://contox.dev/api/projects
Deleting a key
- Find the key in the list
- Click the Delete button
- Confirm the deletion
Deletion is immediate and irreversible. Any tool or integration using the deleted key will stop working immediately.
Best practices
- One key per tool -- Create separate keys for your CLI, MCP server, and VS Code extension so you can revoke them independently
- Descriptive names -- Use names that identify both the tool and the machine (e.g., "CLI - Work Laptop")
- Regular rotation -- Create a new key and delete the old one periodically
- Environment variables -- Store keys in environment variables, never in source code or configuration files committed to version control
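The script below is an added example, not part of the Contox documentation or tooling: it scans files headed for version control for strings carrying the contox_sk_ prefix and reports them redacted. The length and alphabet of the random part are assumptions, since this page documents only the prefix.

```python
import re
import sys
from pathlib import Path

# Assumption: the random part is at least 16 characters from [A-Za-z0-9_-].
# The page documents only the contox_sk_ prefix, not the length or alphabet.
KEY_RE = re.compile(r"contox_sk_[A-Za-z0-9_-]{16,}")

# Constructed sample: line 1 holds the docs placeholder, line 2 a made-up key.
SAMPLE = (
    '{"env": {"CONTOX_API_KEY": "contox_sk_yourkey"}}\n'
    'CONTOX_API_KEY="contox_sk_A1b2C3d4E5f6G7h8J9k0"\n'
)


def redact(key):
    """Keep the prefix plus four characters so the full key never reaches logs."""
    return key[:14] + "..."


def scan_text(text, source="<text>"):
    """Return (source, line number, redacted key) for every match in text."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for match in KEY_RE.finditer(line):
            findings.append((source, lineno, redact(match.group())))
    return findings


def scan_paths(paths):
    """Scan each readable file; directories and unreadable paths are skipped."""
    findings = []
    for p in paths:
        try:
            text = Path(p).read_text(encoding="utf-8", errors="replace")
        except OSError:
            continue
        findings.extend(scan_text(text, str(p)))
    return findings


if __name__ == "__main__":
    hits = scan_paths(sys.argv[1:])
    for source, lineno, key in hits:
        print(f"{source}:{lineno}: possible Contox API key {key}", file=sys.stderr)
    sys.exit(1 if hits else 0)
```

Run it over the staged file list from a pre-commit hook; the non-zero exit status blocks the commit. A key that has already been committed should be deleted from the dashboard and replaced, since removing it from the working tree does not remove it from history.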
Next steps
- Authentication -- API authentication methods
- Settings -- Other account settings