API Keys

API keys let external applications access your Sidvy data.

What Are API Keys?

API keys are authentication tokens that allow:

• External apps to read/write your notes
• Automation tools to interact with Sidvy
• MCP (Model Context Protocol) servers to integrate with AI assistants

Creating an API Key

1. Go to Settings > API Keys
2. Click Generate New Key
3. Give the key a descriptive name (e.g., “Claude Desktop MCP”)
4. Click Create
5. Copy the key immediately - it won’t be shown again

Caution

The full API key is only shown once. Copy it immediately and store it securely.

Managing API Keys

Viewing Keys

The API Keys page shows:

• Key name
• Key prefix (first few characters)
• Created date
• Last used date

Revoking Keys

To revoke an API key:

1. Go to Settings > API Keys
2. Find the key
3. Click Delete
4. Confirm

The key immediately stops working.

API Key Security

Best Practices

• Use descriptive names: Know what each key is for
• Rotate periodically: Create new keys and revoke old ones
• Minimum permissions: Only give access where needed
• Never share: Treat keys like passwords
• Revoke if compromised: If a key might be exposed, revoke immediately

What Keys Can Access

API keys have full access to:

• Read all notes (except encrypted content)
• Create and update notes
• Manage groups
• Access todos

They cannot:

• Change account settings
• Create new API keys

Using API Keys

With the API

Include the key in the Authorization header:

Authorization: Bearer sidvy_abc123...

Troubleshooting

Key Not Working

• Verify the key was copied correctly (no extra spaces)
• Check if the key was revoked
• Ensure you’re using the correct API endpoint

Key Exposed

If you accidentally exposed a key:

1. Revoke it immediately
2. Create a new key
3. Update your integrations with the new key