DocumentationAPI keys in Settings
API keys in Settings
Create, copy, and scope API keys from the dashboard.
API keys are created and revoked from Settings → API keys in the dashboard. The UI wraps the same POST /tenants/:id/api-keys flow documented in the REST reference.
Create a key
Open Settings
Dashboard sidebar → Settings → API keys
Create
Click Create API key, enter a descriptive name (
prod-nextjs,staging-crm)Select scopes
Check only the permissions your integration needs. See the scope table below.
Copy once
The full key (
mc_live_...ormc_test_...) is shown only once. Store it in your secret manager immediately.
Scope selection
| Scope | Grants access to |
|---|---|
email:send | Send emails, batch, scheduled |
email:read | Email logs, cancel scheduled |
contacts:read / contacts:write | Audience and GDPR erasure |
campaigns:read / campaigns:write | Newsletter campaigns |
suppressions:read / suppressions:write | Suppression list |
webhooks:manage | Outbound webhook endpoints |
sequences:read / sequences:write | Automated sequences (API) |
Revoke and rotate
From the same screen, revoke unused keys. For rotation:
- Create a new key with the same scopes
- Update deployment secrets
- Revoke the old key
See also API key security and API keys and scopes.