Get your key
An MCP client connects to Wrenbase with an API key. The same key works for the API too. You create and manage keys in the workspace.
Open the Developer area
In the sidebar, go to Developer → API Keys.
Create a key
Click to create a new key and give it a label so you can recognize it later, like “Claude Desktop” or “billing agent.”
Link it to you or an agent
Choose who the key acts as. Link it to yourself to act on your own behalf, or to one of your agents so the calls run under that agent’s limits. A key is always tied to exactly one of the two.
Set an expiration
Pick how long the key should last. You can choose a fixed window or no expiry, and change your mind later by revoking and reissuing.
Copy it once
Wrenbase shows the full key a single time, right after you create it. Copy it then and store it somewhere safe, because you won’t be able to see it again. If you lose it, revoke it and create a new one.
Managing keys
The API Keys page lists your keys, when each was last used, and which client connected with it. You can revoke any key from here, and it stops working immediately.
Wrenbase never keeps your key in readable form. It’s hashed on our side, which is why we can only show it to you once. Treat it like a password: anyone with the key can act as whoever it’s linked to.
Related
- Connect a client: point your MCP client at Wrenbase
- Security: how keys, limits, and the audit trail work
Frequently asked questions
- How do I create an API key for Wrenbase?
- In the sidebar, go to Developer then API Keys, click to create a new key, and give it a label. Choose whether the key acts as you or as one of your agents, set an expiration, then copy the key when it's shown.
- Can I see my API key again after creating it?
- No. Wrenbase shows the full key a single time, right after you create it, because it's stored only in hashed form. Copy it then and store it somewhere safe, and if you lose it, revoke it and create a new one.
- How do I revoke a Wrenbase API key?
- The API Keys page lists your keys along with when each was last used and which client connected with it. You can revoke any key from there, and it stops working immediately.