MCP Authentication
The MCP server uses API keys for authentication. Each request must include a valid key.
Creating an API Key
- Subscribe to the MCP + API plan
- Go to Profile → API
- Click "Generate API Key"
- Copy the key immediately — it's shown only once
Your API key is shown only once when generated. If you lose it, you can regenerate a new one (the old key will be revoked).
Key Format
API keys start with the tsk_ prefix followed by 48 characters:
tsk_a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8s9t0u1v2w3x4How Authentication Works
When using the npm package (tube-search-mcp), pass the key via environment variable:
TUBE_API_KEY=tsk_... npx tube-search-mcpWhen connecting directly via Streamable HTTP, include the key in the Authorization header:
Authorization: Bearer tsk_YOUR_KEY_HERERotating Keys
To rotate your API key:
- Go to Profile → API
- Click "Regenerate"
- The old key is immediately revoked
- Copy the new key and update your client config
Security
- Keys are hashed (SHA-256) in our database — we cannot see your key after creation
- One active key per user at a time
- API keys grant the same access level as your subscription tier
- API keys cannot access admin features
Store your API key in environment variables, not in code or config files committed to version control.