Authentication - MailKatana Docs

MailKatana uses workspace-scoped Bearer API keys for both documented developer surfaces.

REST API

Send your API key in the Authorization header:

curl https://api.mailkatana.com/v1/mailing-lists \
  -H "Authorization: Bearer YOUR_API_KEY"

MCP server

MCP authentication happens at connection time, not per tool call.

Base server URL: https://api.mailkatana.com/mcp
Raw SSE endpoint: https://api.mailkatana.com/mcp/sse
Header: Authorization: Bearer YOUR_API_KEY

These are protected SSE endpoints. If you open either URL without the header, expect a 401 rather than an HTML page. If your MCP client still asks for an _apiKey tool argument, do not use that pattern here. MailKatana expects the Bearer token on the SSE connection itself.

Shared behavior

One API key maps tool calls or REST requests to a single workspace.
Missing or invalid credentials return 401.
REST and MCP both sit behind the same per-IP developer rate limit.

​REST API

​MCP server

​Shared behavior

REST API

MCP server

Shared behavior