Meet Eden →
Agent Optimization 6 min read

API keys quickstart

PromptEden API keys let server-side agents and internal tools call the v1 REST API and hosted MCP. Keys are scoped, start with `pe_`, are shown once at creation time, and can be passed in either the Authorization bearer header or X-API-Key header.

By PromptEden Team
API keys quickstart

Prerequisites

You need:

  • A PromptEden workspace with API access.
  • Owner or admin access to create keys.
  • A key scope set that matches the routes you plan to call.

Supported scopes are:

account:read
monitors:read
monitors:write
results:read
projects:read
projects:write
content:read
content:write

Create a key

PromptEden API keys start with pe_ followed by 32 hexadecimal characters. The raw key is shown once and cannot be retrieved later.

You can create a key in PromptEden, or use the session-authenticated API key route as a signed-in owner/admin:

curl -X POST https://app.prompteden.com/api/v1/keys \
  -H 'Content-Type: application/json' \
  --data '{
    "name": "Claude Code",
    "scopes": ["account:read", "projects:read", "monitors:read", "results:read", "content:read"]
  }'

Store the returned key securely. PromptEden returns it only once.

First request: list monitors

Use the key as a bearer token:

curl https://app.prompteden.com/api/v1/monitors \
  -H "Authorization: Bearer pe_..."

You can also use X-API-Key:

curl https://app.prompteden.com/api/v1/monitors \
  -H "X-API-Key: pe_..."

GET /api/v1/monitors requires monitors:read and returns:

{
  "monitors": []
}

An empty array means the key works and the workspace has no monitors yet.

Common REST endpoints

The v1 API route catalog includes:

GET  /api/v1/account
GET  /api/v1/projects
POST /api/v1/projects
GET  /api/v1/monitors
POST /api/v1/monitors
GET  /api/v1/monitors/:monitorId/results
GET  /api/v1/monitoring/providers
GET  /api/v1/content/topics
POST /api/v1/content/topics
PATCH /api/v1/content/topics/:topicId
GET  /api/v1/content/articles
POST /api/v1/content/articles
GET  /api/v1/content/articles/:articleId
PATCH /api/v1/content/articles/:articleId
POST /api/v1/content/articles/:articleId/publish
GET  /api/v1/displacement-scan/preview
POST /api/v1/displacement-scan/preview
GET  /api/v1/agent/status

Use idempotency keys on state-creating writes when your agent may retry.

API keys with hosted MCP

The same pe_ key can authenticate hosted MCP:

{
  "mcpServers": {
    "prompteden": {
      "url": "https://app.prompteden.com/api/mcp",
      "headers": {
        "Authorization": "Bearer pe_..."
      }
    }
  }
}

For read tools, the result returns directly. For hosted MCP write tools, PromptEden returns approval_required with a browser deep link and an approval ID for check_approval.

Troubleshooting

401 unauthorized. No API key was found. Pass Authorization: Bearer <key> or X-API-Key.

401 invalid_api_key. The key is invalid, revoked, malformed, or expired.

403 plan_limit. API access is not included in the current workspace plan.

403 insufficient_scope. The key is valid but missing the scope required by that route. For example, monitor listing requires monitors:read.

403 oauth_write_not_allowed. You used an OAuth connector token on a raw REST write route. Use hosted MCP for approval-gated writes.

429 rate_limit_exceeded. The key exceeded its per-minute request limit. Retry after the Retry-After header value.

api-keys rest-api mcp agent-optimization

Frequently asked questions

What does a PromptEden API key look like?

API keys start with pe_ and then 32 hexadecimal characters. Only the prefix is retained for display after creation.

Can API keys call hosted MCP?

Yes. Send the pe_ key as a bearer token to https://app.prompteden.com/api/mcp.

Which scope do I need to list monitors?

GET /api/v1/monitors requires monitors:read.

Can I retrieve a key again later?

No. PromptEden shows the raw key once at creation time. Create a new key if the value is lost.

Start With a Scoped API Key

Create a scoped key, list your monitors, then connect hosted MCP when your agent needs approval-gated writes.