Authentication
Connect Satellyte UI credentials to the MCP server safely.
Live MCP usage depends on a valid Satellyte Public API credential.
The Satellyte Public API authentication contract uses the X-Satellyte-API-Key header. The MCP server forwards the user's configured credential to the Public API when it performs live work.
User-facing connection flow
Satellyte UI -> generate or copy API key/token -> configure MCP client secret or environment variable -> MCP server forwards X-Satellyte-API-Key -> Satellyte Public API validates workspace context
Header contract
X-Satellyte-API-Key: YOUR_PUBLIC_API_KEY
The Public API base path remains:
/api/v1
Store the key safely
Do not paste API keys into prompts, chat messages, source code, screenshots, or committed config files.
Use a local secret, environment variable, or MCP client secret configuration instead.
Example local secret shape:
SATELLYTE_API_KEY=<copy_from_satellyte_ui>
The MCP client or server configuration should forward that credential to the Public API as:
X-Satellyte-API-Key: ${SATELLYTE_API_KEY}
Confirm auth context
Before running charged tools, confirm the active context:
Use the get_auth_context MCP tool. Read the satellyte://account/info MCP resource.
These checks help confirm which workspace/account context the MCP server is using.
Credit-sensitive safety
Some MCP tools can trigger Public API credit usage when they perform live work.
For charged workflows:
- Start with
dry_run: truewhere supported. - Confirm the planned scope and caps.
- Run a smaller live request first.
- Check returned
credits.charged,credits.remaining, andcredits.breakdown[]when the Public API returns live credit state.
Credit costs are controlled by the Satellyte backend and credit configuration. The MCP server must not hardcode numeric credit costs.