Three credential types, each with a different scope:
| Key | Prefix | Purpose | Header |
|---|---|---|---|
| API Key | mk_ | Platform account (manage projects) | X-API-Key |
| Admin Key | sk_ | Project management (schema, config) | X-Admin-Key |
| Public Key | pk_ | Client-side data access | X-Public-Key |
sk_) is shown only once when you create a project. Save it immediately. If lost, rotate it via the dashboard. Never expose it in client-side code.
All keys can also be passed as Authorization: Bearer {key}. MoonDB auto-detects the key type from the prefix.
After login (POST /v1/accounts/login), you get a JWT. Use it as Authorization: Bearer {token} for platform operations (project management, billing). The JWT expires after 1 hour by default.