Authorization header as a Bearer token with every request:
Getting an API Key
API keys are managed from the RouteMCP dashboard:- Log in to your dashboard at
https://app.routemcp.com - Navigate to API Keys
- Click Generate New Key
- Choose
live(production) ortest(sandbox) environment - Copy the key — it’s only shown once
Key Types
Use
sk_test_ keys during development and integration testing. Switch to sk_live_ keys for production.
Making Requests
cURL
JavaScript (fetch)
Python (requests)
Security Best Practices
- Never expose API keys in client-side code — keep them server-side only
- Use environment variables — don’t hardcode keys in source code
- Use test keys for development —
sk_test_keys access sandbox data - Rotate keys periodically — generate a new key from the dashboard and revoke the old one
- Use separate keys per environment — different keys for staging vs production