Skip to main content
API keys authenticate every REST and MCP request. They’re managed in the app — not via the bearer API — so a leaked key can never mint more keys.

Create a key

  1. Sign in at useshareable.com.
  2. Open Developers.
  3. Click Create key, name it (e.g. “CI publish bot”), and copy it immediately — the full key (sm_…) is shown only once.

Use a key

Pass it as a bearer token: 
Authorization: Bearer sm_your_key
…or as the SHAREABLE_API_KEY env var for the MCP server.

Revoke a key

In Developers, click Revoke next to a key. It stops working immediately — rotate by creating a new key first, updating your config, then revoking the old one.
Keys are stored only as a SHA-256 hash. We can’t recover a key after creation, so if you lose one, revoke it and create a new one.