Keys, tokens & IDs

A consolidated lookup of the credential and identifier formats used across Syncanix: secret and publishable API keys, MCP connection tokens, and environments.

Syncanix uses a few distinct credential and identifier formats. This table shows each one and where it’s used; the full how-to lives on the linked pages.

API keys

Secret key: Server-side only — used by the CLI and MCP. Prefixed gak_ and never embedded in a page.
Publishable key: Safe to embed in your site — used by the widget. Prefixed pk_, with separate test and live variants.

gak_<env>_<32 base32 chars>    # secret key — CLI / MCP / server-side only
pk_<test|live>_<32 base32 chars>  # publishable key — embedded in your page

MCP connection tokens

An MCP connection is authorized with a token that scopes an AI client to your workspace. Treat it like a secret key.

Environments

Keys and configuration are separated by environment, so testing never touches live traffic:

Development: For building and testing, with test keys.
Production: For real users, with live keys.

Next steps

API keysCreate, rotate, and revoke keys.MCP authenticationHow MCP connections are authorized.