VectorMethods

Docs / Guides

Create and rotate API keys

Create, scope, rotate, revoke, and safely use VideoVector API keys for API, SDK, and MCP workflows.

sdk/videovector/resources/api_keys.pyapi/routes.pyapi/mcp_controllers.py

Search documentation

Search pages, API reference sections, and guide headings.

Summary

API keys are the primary credential for public workflow access. This guide shows how to create them, scope them, and rotate them without breaking integrations.

Use JWT bearer auth to manage API keys. Use the created API keys for most API, SDK, and MCP workflow calls.

Prerequisites

  • A user session that can call the JWT-only API key endpoints.
  • A clear scope plan for the integration, such as read, write, search, or admin.

Create a key

  1. Create the key with a descriptive name and only the scopes the integration needs.
  2. Store the returned secret immediately. The full key value is only returned on creation or rotation.
  3. Use that key in API, SDK, or MCP configuration.
curl -X POST https://playground-api-stg-udk7d32fva-uc.a.run.app/api/v2/api-keys \
  -H "Authorization: Bearer <jwt>" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Search integration",
    "scopes": ["read", "search"],
    "expires_in_days": 90
  }'

Choose scopes deliberately

  • search: search and retrieval workflows
  • read: list and inspect public resources
  • write: create and update workflow resources
  • admin: destructive or higher-privilege operations

For MCP configuration generated from the public /mcp/config flow, the platform prefers an active key with at least read-level capability and will create one when needed.

Rotate a key

Rotate a key when:

  • the secret may be exposed
  • the integration owner changes
  • you are following a regular credential rotation policy

Rotation returns a new full secret and revokes the old one.

curl -X POST https://playground-api-stg-udk7d32fva-uc.a.run.app/api/v2/api-keys/key_123/rotate \
  -H "Authorization: Bearer <jwt>"

Revoke or delete

  • Revoke when you want the key to remain visible but inactive.
  • Delete when the key should be removed entirely.

Use the key in clients

Python SDK:

from videovector import VideoVector

with VideoVector(api_key="sk_live_...") as client:
    runs = client.prompt_runs.list(limit=20)

MCP server:

VIDEOSEARCH_API_KEY=sk_live_... videosearch-mcp
Next
Create prompts with nested schemas
Go to next page

Related documentation

API reference
Auth and API keys

The public API accepts either API keys or JWT bearer tokens for most workflow endpoints. API key management endpoints require JWT bearer auth, and `/mcp/config` requires a verified JWT session.

Guides
Use VideoVector tools from Claude Desktop, Cursor, and custom MCP clients

This guide connects AI clients to VideoVector tools for media retrieval, prompt execution, workflow inspection, and playground validation.

SDK
SDK setup for media workflows

Use this page to initialize the Python SDK for media ingestion, extraction, search, delivery, and automation flows, then configure credentials and runtime behavior as needed.