API keys

Create a key
Key usage patterns
MCP auth check
Security requirements

Create a key

Open DevTools account settings.
Create an API key.
Store it in your secrets manager.
Inject it at runtime.

Key usage patterns

Use case	Required headers	Notes
Resource logs	`X-API-Key`	Identity is inferred from URL path ownership + key context
Unified MCP	`X-API-Key` + `X-User-Username`	User-scoped capability checks
GitHub MCP	`X-API-Key` + `X-User-Username`	Requires connected GitHub account

MCP auth check

curl -sS https://mcp.alshival.ai/mcp/ \
  -H "Content-Type: application/json" \
  -H "X-API-Key: $ALSHIVAL_API_KEY" \
  -H "X-User-Username: $ALSHIVAL_USERNAME" \
  -d '{"jsonrpc":"2.0","id":"1","method":"tools/list","params":{}}'

Security requirements

Never commit keys to source control.
Use one key per deployed service.
Rotate keys immediately after exposure.

Platform overview

Resources

Get started

SDKs

Platform

Help

Create a key

Key usage patterns

MCP auth check

Security requirements

Get started

SDKs

Platform

Help

​Create a key

​Key usage patterns

​MCP auth check

​Security requirements

Create a key

Key usage patterns

MCP auth check

Security requirements