Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.agentweb.pro/llms.txt

Use this file to discover all available pages before exploring further.

AgentWeb supports two authentication methods:
  • API keys (bearer tokens) for server-to-server REST calls and MCP from Claude Code or OpenClaw.
  • OAuth 2.0 for the Claude.ai MCP connector. The connector handles the flow — no manual key generation needed.
This page covers API keys.

Generate an API key

1

Open Settings → API Keys

Sign in to app.agentweb.pro, click the gear icon in the sidebar, and select the API Keys tab.
2

Click Generate

Give the key a name (something like local-dev, production-server, or cursor-mcp). Pick a rate limit and optional expiration date.
3

Copy the key immediately

The full key is shown once. Copy it now. The portal stores only a hash — you cannot view the key again after closing the modal.Keys look like aw_f0dfbe594b4611c5f3e5e411254932a2....
4

Store it securely

Treat the key like a password. Add it to your secret manager, .env file (gitignored), or your client’s MCP config. Do not commit it to source control.

Use the key

Pass the key in the Authorization header as a bearer token. 
curl https://api.agentweb.pro/api/emma/knowledge-bases \
  -H "Authorization: Bearer aw_YOUR_API_KEY_HERE"
For MCP clients, the key is configured at the connection layer: 
claude mcp add \
  --transport http \
  emma \
  https://api.agentweb.pro/mcp \
  --header "Authorization: Bearer aw_YOUR_API_KEY_HERE"
For details on connecting Emma to AI clients, see Connect Emma.

Key properties

When generating a key, you can configure:
PropertyDescription
keyNameA label for your reference. Shows up in the key list.
scopesLimits what the key can access. Defaults to the same access as your account.
rateLimitPerMinPer-key rate limit. Defaults to your plan’s standard limit.
expiresAtOptional expiration date. After expiry the key is rejected.

List your keys

Settings → API Keys shows every active key with its name, last-used timestamp, scopes, and rate limit. Hashes are stored, not the full keys.

Revoke a key

Click Revoke next to the key. Revocation is immediate — the next request with that key returns 401 Unauthorized. Revoke a key any time you suspect it’s leaked, when a team member leaves, or when you’re rotating credentials.

Rotate a key

  1. Generate a new key.
  2. Update your client (Claude Code, OpenClaw, server config) with the new key.
  3. Confirm the new key works.
  4. Revoke the old key.
There is no in-place key rotation — generate-then-revoke is the supported flow.

OAuth 2.0 (Claude.ai)

The Claude.ai connector authenticates via OAuth. The flow:
  1. Claude.ai redirects to https://app.agentweb.pro/oauth/authorize with PKCE parameters.
  2. You sign in to AgentWeb and review the scopes being granted (mcp:tools).
  3. After authorization, Claude.ai exchanges the auth code for an access token and uses it for all subsequent MCP calls.
You don’t generate or manage keys for this path. To revoke the connector, disconnect it from Claude.ai’s Settings → Connectors page or sign out the linked AgentWeb session.

Troubleshooting

  • Confirm the Authorization header is exactly Bearer aw_... with a space after Bearer.
  • Confirm the key hasn’t been revoked or expired. Check Settings → API Keys.
  • Check the key has the scopes the endpoint requires.
You’ve hit the per-key rate limit. Wait the duration shown in the Retry-After header, or generate a higher-limit key if your workload needs it.
Some MCP clients cache server configurations. Restart the client after registering a new key. For Claude Code: claude mcp remove emma, then run the add command again.

Next steps

  • Emma tools — what each endpoint does.
  • Connect Emma — use the key in Claude.ai, Claude Code, or OpenClaw.