Skip to main content
The HERO REST API authenticates with API keys issued from your account settings.
Pass the key on every request as: 
Authorization: Bearer hero_ak_<...>

Generating an API key

  1. Sign in at HERO.
  2. Open Settings and click Generate new API key.
  3. Choose a name, workspace scope (all of your workspaces, or specific ones), and an expiry. Copy the key — it’s shown once.
  4. Use it in any Authorization: Bearer <key> header.
API keys inherit your user permissions within the workspaces they’re scoped to.
Revoking a key from the same settings page invalidates it immediately.

Using the same key for MCP

Your hero_ak_* API key also authenticates MCP clients (Cursor, VS Code, Claude Desktop, Claude Code) — see MCP authentication for client-config snippets and the OAuth alternative. Tokens issued from the MCP settings page (hero_at_* prefix) work the same way; the two settings pages are just convenience for the two surfaces.