API Reference

Authentication

Written by , Product docsLast updated

Every request to Hive requires an API key. One key works across remote MCP clients, REST requests, the local stdio wrapper, the CLI, and the TypeScript adapter.


Create an API key

  1. Go to /dashboard/keys
  2. Enter your email address
  3. Open the sign-in link sent to your inbox
  4. Store the key shown on the dashboard in your secret manager or environment

Using your key

Remote MCP clients

Most documented clients connect directly to Hive's managed remote MCP endpoint:

ItemValue
Remote MCP URLhttps://mcp.hiveintelligence.xyz/mcp
TransportStreamable HTTP
Recommended authAuthorization: Bearer YOUR_HIVE_API_KEY

Many clients use a JSON shape like this:

json
{
  "mcpServers": {
    "hive": {
      "url": "https://mcp.hiveintelligence.xyz/mcp",
      "headers": {
        "Authorization": "Bearer YOUR_HIVE_API_KEY"
      }
    }
  }
}

Client field names vary. VS Code uses a top-level servers object, Gemini CLI uses httpUrl, Windsurf uses serverUrl, Claude Desktop uses the Custom Connectors UI, and OpenAI Responses API passes the key through tools[].authorization. Use Install Hive or Client Setup for the exact client-specific config.

After saving the config, restart the client or reload its MCP server list, then ask for a live price query and confirm the answer shows a Hive tool call.

REST API

Pass the key as a request header. Authorization: Bearer is the recommended form; x-api-key is accepted as a legacy alias.

Authorization: Bearer (recommended):

bash
curl -X POST https://mcp.hiveintelligence.xyz/api/v1/execute \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer YOUR_HIVE_API_KEY" \
  -d '{"tool": "get_price", "args": {"ids": "bitcoin", "vs_currencies": "usd"}}'

x-api-key (also supported):

bash
curl -X POST https://mcp.hiveintelligence.xyz/api/v1/execute \
  -H "Content-Type: application/json" \
  -H "x-api-key: YOUR_HIVE_API_KEY" \
  -d '{"tool": "get_price", "args": {"ids": "bitcoin", "vs_currencies": "usd"}}'

Both authenticate identically. Prefer Bearer. It is the standard HTTP auth scheme and works with most clients, proxies, and SDKs.

Local stdio wrapper

Use local stdio only when your MCP client cannot call the remote HTTP endpoint directly or your network requires a local subprocess. Pass the key as an environment variable in your MCP client config:

json
{
  "mcpServers": {
    "hive-intelligence": {
      "command": "npx",
      "args": ["-y", "-p", "hive-intelligence@latest", "hive"],
      "env": {
        "HIVE_API_KEY": "YOUR_HIVE_API_KEY"
      }
    }
  }
}

The MCP server reads HIVE_API_KEY at startup and sends it as a Bearer token on Hive requests.

TypeScript MCP client adapter

If you install the hive-mcp-client adapter (npm install hive-mcp-client), pass the key at client initialization:

ts
import { createHiveMcpClient } from 'hive-mcp-client';

const client = await createHiveMcpClient({
  apiKey: process.env.HIVE_API_KEY,
  clientName: 'my-app',
});

Store keys in environment variables. Never hardcode them in source files.

B2B subject signing

B2B partner backends keep one Hive API key server-side and add signed subject headers for each downstream customer request. Store the subject signing secret separately from the API key, for example as HIVE_SUBJECT_SIGNING_SECRET, and derive tenantId plus endUserId from trusted server auth state.

Do not accept tenant or end-user ids from a model prompt or browser body without validating them against your own session. The partner guide covers the full header contract and readiness check: B2B Partner Adapter.


Key management

From /dashboard/keys you can:

  • Create multiple keys: one per project or environment (development, staging, production).
  • Revoke a key: disables the key so new authenticated requests are rejected after auth-backend propagation.
  • Track usage: see request counts and last-used timestamps per key.

Treat a revoked key as retired immediately in your own systems. New requests using a disabled key are rejected after the authentication backend observes the update; already in-flight requests may complete.


Rate limits

Each API key has its own rate limit quota based on your plan. See Rate Limits for plan quotas, retry headers, upstream provider-error behavior, and caching guidance.


  • Quick Start - make your first authenticated REST, MCP, or CLI call
  • Install Hive - exact remote MCP config for supported AI clients
  • Client Setup - tabbed setup guide for remote MCP, CLI, and REST
  • API Integration - execute tools with the recommended Bearer header
  • B2B Partner Adapter - isolate downstream customer state with signed subject headers
  • MCP Security - keep API keys and subject secrets out of prompts and browser code