Authentication

Every endpoint requires your secret key in the x-api-key header.

$curl -H "x-api-key: $API_KEY" "https://api.kinetk.ai/graph/intelligence/jobs"

Getting a key

API keys are self-serve: sign in to the KINETK dashboard, open API keys, and create one. Keys look like ktk_live_… and the secret is shown once at creation — store it immediately; it cannot be retrieved later, only revoked and re-issued.

Intelligence jobs are metered in credits (1 credit = $1.00), purchased from the dashboard’s billing page — see the billing notes in the Intelligence jobs guide.

Each key is bound to a usage plan with per-second and per-day rate limits — defaults are generous for development; contact api@kinetk.ai for higher production limits.

Failure modes

StatusBodyCause
403{ "message": "Forbidden" }Missing or invalid x-api-key. Double-check the header name (case-insensitive) and that the value matches your issued key.
429{ "message": "Too Many Requests" }Per-second or per-day quota exceeded. Back off; if you need a higher limit, contact us.

Best practices

  • Store keys in env vars or a secret manager, never in committed code. The MCP server reads GRAPH_SERVICE_API_KEY from its environment — see MCP Installation.
  • Use separate keys per environment so a leaked dev key never touches production traffic.
  • Rotate keys when team members leave or after any suspected exposure — revoke and re-create in the dashboard; revocation takes effect immediately.