API Keys
Manage the secret tokens used by your AI assistants to access Milkey.
Your Milkey API keys carry the exact same privileges as your user account. They permit AI coding tools to read your enabled skills and log usage against your billing quota. Managing them securely is paramount.
Creating keys
You can create multiple API keys. For instance, generating one for Claude Desktop and a separate one for an automated CI/CD bot is highly recommended.
- Open your Milkey Dashboard.
- Open the API Keys section.
- Click Create Key, name it (e.g., "Cursor Work Mac"), and save the resulting
mk_live_...token immediately.
Warning
For security reasons, we do not store the plaintext of your API keys. Once you close the modal, you will not be able to retrieve the full key again. If you lose it, you must generate a new one.
Best practices
- Use clear names: This helps you easily identify which key belongs to which machine or service if you ever need to revoke one.
- Never commit: Do not put your API key in version control (e.g., git). Always inject it via system environment variables.
- Rotate continuously: If you suspect a key is compromised, remove it immediately. There is no limit to the number of keys you can create across time.
Revoking a key
Revoking a key takes effect instantly. Any running sessions or automated jobs relying on that key will fail with a 401 error on their next network request. You can delete an API key by clicking the trash icon next to it in your API Keys dashboard view.