Authentication

Learn how to authenticate with your Reeva MCP servers.

API Key Authentication

Reeva MCP servers use API keys for authentication. This is the standard, secure way to connect your IDE or application to your MCP servers.

Types of API Keys

Server-Specific Keys:

• Tied to a single server
• Format: mcpk_xxxxxxxxxxxxx
• Created per-server in the dashboard
• Ideal for production deployments

Global Keys:

• Access multiple servers
• Must be explicitly linked to each server
• Useful for development environments
• Created in the API Keys page

Generating API Keys

Via Dashboard

1. Navigate to Servers → Select your server → API Keys
2. Click "Generate Key"
3. Copy the key immediately (it's shown only once)
4. Store securely in your environment variables

Via API

curl -X POST https://api.joinreeva.com/api/servers/server_123/api-keys \
  -H "Content-Type: application/json" \
  -d '{"name": "Production Key"}'

Using API Keys

Include your API key in the Authorization header with the Bearer prefix when making requests to your MCP server.

MCP Protocol Request

curl -X POST https://api.joinreeva.com/mcp/server_123 \
  -H "Authorization: Bearer mcpk_your_key_here" \
  -H "Content-Type: application/json" \
  -d '{
    "jsonrpc": "2.0",
    "method": "tools/list",
    "id": 1
  }'

Tool Execution

import httpx

response = httpx.post(
    'https://api.joinreeva.com/mcp/server_abc123',
    headers={
        'Authorization': 'Bearer mcpk_your_key',
        'Content-Type': 'application/json'
    },
    json={
        'jsonrpc': '2.0',
        'method': 'tools/call',
        'params': {
            'name': 'google_search',
            'arguments': {'query': 'MCP protocol'}
        },
        'id': 1
    }
)

Configuring in IDEs

Cursor

Add to your MCP settings file (~/.cursor/mcp.json):

{
  "mcpServers": {
    "reeva-server": {
      "command": "npx",
      "args": ["-y", "@modelcontextprotocol/server-everything"],
      "env": {
        "REEVA_SERVER_ID": "server_abc123",
        "REEVA_API_KEY": "mcpk_your_key_here"
      }
    }
  }
}

Windsurf

Add to Windsurf MCP configuration:

{
  "mcpServers": {
    "reeva": {
      "serverUrl": "https://api.joinreeva.com/mcp/server_abc123",
      "apiKey": "mcpk_your_key_here"
    }
  }
}

Claude Code

Configure in Claude Desktop settings:

{
  "servers": {
    "reeva": {
      "url": "https://api.joinreeva.com/mcp/server_abc123",
      "headers": {
        "Authorization": "Bearer mcpk_your_key_here"
      }
    }
  }
}

Security Best Practices

Storage

• ✅ Store keys in environment variables
• ✅ Use secrets managers (AWS Secrets Manager, Google Secret Manager, 1Password)
• ✅ Add .env files to .gitignore
• ❌ Never commit keys to version control
• ❌ Don't hardcode keys in source files
• ❌ Don't share keys in chat or email

Rotation

• ✅ Rotate keys every 90 days
• ✅ Generate new keys before revoking old ones
• ✅ Update all clients before revocation
• ✅ Monitor for unauthorized access in dashboard

Scoping

• ✅ Use server-specific keys in production
• ✅ Limit global key access to necessary servers
• ✅ Create separate keys per environment (dev/staging/prod)
• ✅ Revoke unused keys immediately
• ✅ Name keys descriptively ("Production API", "Dev Laptop")

API Key Management

Creating Keys

Server-Specific Key:

POST /api/servers/{server_id}/api-keys

Global Key:

POST /api/api-keys

Linking Global Keys

Link a global key to a server:

POST /api/api-keys/{key_id}/servers/{server_id}

Revoking Keys

Single Key:

DELETE /api/servers/{server_id}/api-keys/{key_id}

All Server Keys:

POST /api/servers/{server_id}/api-keys/revoke-all

Error Responses

401 Unauthorized

Cause: Invalid or missing API key

{
  "error": "Unauthorized",
  "message": "Invalid or expired API key"
}

Solutions:

• Verify the key is correct (no extra spaces or line breaks)
• Check that the key hasn't been revoked
• Ensure you're using the correct server ID
• Confirm the key is linked to the server (for global keys)

403 Forbidden

Cause: Valid key but insufficient permissions

{
  "error": "Forbidden",
  "message": "Access denied to this resource"
}

Solutions:

• Verify you own the server
• Check that a global key is properly linked to the server
• Ensure the server exists and is active

429 Rate Limited

Cause: Too many requests

{
  "error": "Rate Limit Exceeded",
  "message": "Too many requests. Please try again later."
}

Solutions:

• Implement exponential backoff
• Reduce request frequency
• Contact support for rate limit increases

Rate Limiting

• MCP endpoints: 1000 requests/minute per API key
• Tool execution: Limited by credit balance, not rate limits
• Burst capacity: 100 requests in 10 seconds

Troubleshooting

Key Not Working After Creation

Wait 30 seconds: New keys take a moment to propagate across the system.

"Key not found" Error

• Verify you're using the full key including the mcpk_ prefix
• Check you're calling the correct server ID
• Confirm the key wasn't revoked

Works in Dashboard but Not in IDE

• Check IDE configuration syntax
• Verify environment variables are loaded
• Restart your IDE after configuration changes
• Check for proxy or firewall issues

See Also

• API Keys Guide - Detailed guide on managing API keys
• MCP Protocol - MCP protocol specification
• Cursor Integration - Cursor setup guide
• Error Reference - Complete error codes