MemoryKit

Authentication

Authenticate API requests with project-scoped API keys.

API Keys

All API requests require an API key sent in the Authorization header. API keys are project-scoped — create them in your dashboard.

Authorization: Bearer ctx_your_api_key_here

Keys start with ctx_ and are shown only once when created. Store them securely.

Creating an API key

Follow these steps to create an API key from the MemoryKit Platform:

  1. Sign in — Go to platform.memorykit.io and sign in with your account.

  2. Open API Keys — In the left sidebar, click API Keys. You'll see a list of your existing keys (if any) and their scopes.

  3. Click "Create API Key" — The button is in the top-right corner of the API Keys page. A modal dialog will open.

  4. Configure the key:

    • Name — Give the key a descriptive name (e.g., "Production Backend", "Dev Testing").
    • Project — Select which project this key belongs to. Each key is scoped to a single project.
    • Scopes — Check the permissions this key should have (see Key scopes below). Use the minimum required scopes for security.

  5. Copy the key — After clicking Create, the key will be displayed once. Copy it immediately and store it in a secure location (e.g., environment variable, secrets manager).

API keys are displayed only once at creation time. If you lose a key, you'll need to create a new one.

Using the key

import { MemoryKit } from "memorykit";
 
const mk = new MemoryKit({
  apiKey: process.env.MEMORYKIT_API_KEY,
});

Key scopes

API keys can be scoped to limit access:

ScopeDescription
memories:readRead and search memories
memories:writeCreate, update, and delete memories
chats:readRead chat sessions and history
chats:writeCreate chats and send messages
users:readRead user data
users:writeCreate and update users

Security best practices

  • Never expose API keys in client-side code — Use a backend proxy to make API calls.
  • Use environment variables — Store keys in MEMORYKIT_API_KEY env var, not in source code.
  • Rotate keys periodically — Create a new key, update your app, then delete the old one.
  • Use the minimum required scopes — A read-only search app only needs memories:read.
  • Use separate keys per environment — Different keys for development, staging, and production.
Edit on GitHub

Previous

Quickstart

Next

Working with Memories

On this page