Create, scope, and rotate keys for the API, CLI, and MCP.
01
Create
- -Personal Settings → Developer → API Keys for personal or network-scoped CLI/MCP work.
- -Company Settings → Developer → API Keys for company-bound automation.
- -Copy immediately — the key is shown once.
- -Use a separate key per environment (laptop, CI, production).
02
Use
- -
Authorization: Bearer op_...for HTTP. - -
OPERALTA_API_KEYfor the CLI and MCP server.
03
Scopes
- -Prefer explicit scopes:
context:read,metrics.actuals:read,contacts:write,connect:write,artifacts:write,rooms:read,integrations:write,reports.send:manage. - -No-company personal keys are limited to scopes that do not require company authority; network workflows should pass
OPERALTA_NETWORK_IDor--network-idwhere supported. - -Legacy
read/write/adminstill work but are coarser. - -A key is always capped by your real role; use bundles per integration.
- -Company-bound key usage is logged in the company audit trail.