API Reference
Authentication
Every request to Hive requires an API key. One key works across remote MCP clients, REST requests, the local stdio wrapper, the CLI, and the TypeScript adapter.
Create an API key
- Go to /dashboard/keys
- Enter your email address
- Open the sign-in link sent to your inbox
- Store the key shown on the dashboard in your secret manager or environment
Using your key
Remote MCP clients
Most documented clients connect directly to Hive's managed remote MCP endpoint:
| Item | Value |
|---|---|
| Remote MCP URL | https://mcp.hiveintelligence.xyz/mcp |
| Transport | Streamable HTTP |
| Recommended auth | Authorization: Bearer YOUR_HIVE_API_KEY |
Many clients use a JSON shape like this:
{
"mcpServers": {
"hive": {
"url": "https://mcp.hiveintelligence.xyz/mcp",
"headers": {
"Authorization": "Bearer YOUR_HIVE_API_KEY"
}
}
}
}Client field names vary. VS Code uses a top-level servers object, Gemini CLI uses httpUrl, Windsurf uses serverUrl, Claude Desktop uses the Custom Connectors UI, and OpenAI Responses API passes the key through tools[].authorization. Use Install Hive or Client Setup for the exact client-specific config.
After saving the config, restart the client or reload its MCP server list, then ask for a live price query and confirm the answer shows a Hive tool call.
REST API
Pass the key as a request header. Authorization: Bearer is the recommended form; x-api-key is accepted as a legacy alias.
Authorization: Bearer (recommended):
curl -X POST https://mcp.hiveintelligence.xyz/api/v1/execute \
-H "Content-Type: application/json" \
-H "Authorization: Bearer YOUR_HIVE_API_KEY" \
-d '{"tool": "get_price", "args": {"ids": "bitcoin", "vs_currencies": "usd"}}'x-api-key (also supported):
curl -X POST https://mcp.hiveintelligence.xyz/api/v1/execute \
-H "Content-Type: application/json" \
-H "x-api-key: YOUR_HIVE_API_KEY" \
-d '{"tool": "get_price", "args": {"ids": "bitcoin", "vs_currencies": "usd"}}'Both authenticate identically. Prefer Bearer. It is the standard HTTP auth scheme and works with most clients, proxies, and SDKs.
Local stdio wrapper
Use local stdio only when your MCP client cannot call the remote HTTP endpoint directly or your network requires a local subprocess. Pass the key as an environment variable in your MCP client config:
{
"mcpServers": {
"hive-intelligence": {
"command": "npx",
"args": ["-y", "-p", "hive-intelligence@latest", "hive"],
"env": {
"HIVE_API_KEY": "YOUR_HIVE_API_KEY"
}
}
}
}The MCP server reads HIVE_API_KEY at startup and sends it as a Bearer token on Hive requests.
TypeScript MCP client adapter
If you install the hive-mcp-client adapter (npm install hive-mcp-client), pass the key at client initialization:
import { createHiveMcpClient } from 'hive-mcp-client';
const client = await createHiveMcpClient({
apiKey: process.env.HIVE_API_KEY,
clientName: 'my-app',
});Store keys in environment variables. Never hardcode them in source files.
B2B subject signing
B2B partner backends keep one Hive API key server-side and add signed subject headers for each downstream customer request. Store the subject signing secret separately from the API key, for example as HIVE_SUBJECT_SIGNING_SECRET, and derive tenantId plus endUserId from trusted server auth state.
Do not accept tenant or end-user ids from a model prompt or browser body without validating them against your own session. The partner guide covers the full header contract and readiness check: B2B Partner Adapter.
Key management
From /dashboard/keys you can:
- Create multiple keys: one per project or environment (development, staging, production).
- Revoke a key: disables the key so new authenticated requests are rejected after auth-backend propagation.
- Track usage: see request counts and last-used timestamps per key.
Treat a revoked key as retired immediately in your own systems. New requests using a disabled key are rejected after the authentication backend observes the update; already in-flight requests may complete.
Rate limits
Each API key has its own rate limit quota based on your plan. See Rate Limits for plan quotas, retry headers, upstream provider-error behavior, and caching guidance.
Related
- Quick Start - make your first authenticated REST, MCP, or CLI call
- Install Hive - exact remote MCP config for supported AI clients
- Client Setup - tabbed setup guide for remote MCP, CLI, and REST
- API Integration - execute tools with the recommended Bearer header
- B2B Partner Adapter - isolate downstream customer state with signed subject headers
- MCP Security - keep API keys and subject secrets out of prompts and browser code