Authentication
Every endpoint requires your secret key in the x-api-key header.
Getting a key
API keys are self-serve: sign in to the KINETK dashboard, open API keys, and create one. Keys look like ktk_live_… and the secret is shown once at creation — store it immediately; it cannot be retrieved later, only revoked and re-issued.
Intelligence jobs are metered in credits (1 credit = $1.00), purchased from the dashboard’s billing page — see the billing notes in the Intelligence jobs guide.
Each key is bound to a usage plan with per-second and per-day rate limits — defaults are generous for development; contact api@kinetk.ai for higher production limits.
Failure modes
Best practices
- Store keys in env vars or a secret manager, never in committed code. The MCP server reads
GRAPH_SERVICE_API_KEYfrom its environment — see MCP Installation. - Use separate keys per environment so a leaked dev key never touches production traffic.
- Rotate keys when team members leave or after any suspected exposure — revoke and re-create in the dashboard; revocation takes effect immediately.