API keys
Generate personal access tokens to connect external AI tools to your ProAgent Me subscription.
Every external-tool integration authenticates with a personal API key you generate in the dashboard. One key per device or tool; five active keys maximum per account.
Generate a key
- Open API keys in your dashboard (Settings → API keys).
- Click Create. Give it a descriptive label — for example, "Claude Code on MacBook" or "My ChatGPT Custom GPT".
- Copy the token immediately. It starts with
pam_…and is shown exactly once. Store it in a password manager.
Keys are shown in plain text exactly once at creation. After you dismiss the banner, only the first 12 characters remain visible in the UI (for identification). If you lose a key, revoke it and create a new one.
Revoke a key
From the same page, click the trash icon next to any active key and confirm. The token is invalidated immediately — any in-flight request using it gets a 401 on its next call.
We don't hard-delete revoked keys; they stay in the list (collapsed
below the active ones) with their lastUsedAt timestamp preserved
for audit.
Limits
| Limit | Value |
|---|---|
| Active keys per user | 5 |
| Revoked keys retained | Unlimited (for audit) |
| Rotation cadence | No enforced rotation — rotate when a device is lost or compromised |
Security tips
- Never commit a key to a repo. The stdio wrapper reads from an
envblock in.mcp.jsonor similar — add those files to.gitignoreif they contain real keys (though most project-level configs don't). - Use one key per device so you can revoke granularly if a laptop is lost.
- If you suspect a leak, revoke the key immediately. Requests made after revocation fail; requests before revocation already landed and are accounted for in your usage.