Key Management
Bizzy uses API Keys for REST API access from backend services, scripts, and integrations. API key management requires the Owner role.API Keys
Create keys for REST API integrations
AI agents (Claude, Cursor, Windsurf, etc.) connect through the MCP
server, which uses its own authentication flow
rather than API keys.
Security Best Practices
- Principle of least privilege: Grant only the permissions each key needs
- Separate keys per integration: Create dedicated keys for each service or agent
- Regular audits: Review and revoke unused keys monthly
- Secure storage: Never commit keys to version control; use environment variables