Skip to main content

API Keys

All API requests require authentication using a Bearer token. Get your API key from the Developer Platform. Include your key in all requests:

Connector Branding

When users connect external services (Google Drive, Notion, OneDrive), they see a “Log in to Supermemory” prompt by default. You can replace this with your own app name by providing your own OAuth credentials via the settings endpoint.
This works for Google Drive, Notion, and OneDrive. See the full setup in Customization.

Scoped API Keys

Scoped keys are restricted to a single containerTag. They can only access documents and search within that container — useful for giving limited access to specific projects, users, or tenants without exposing your full API key.Allowed endpoints: /v3/documents, /v3/memories, /v4/memories, /v3/search, /v4/search, /v4/profile

Create a scoped key

Parameters

ParameterRequiredDefaultDescription
containerTagYesAlphanumeric, hyphens, underscores, colons, dots
nameNoscoped_{containerTag}Display name for the key
expiresInDaysNo1–365 days
rateLimitMaxNo500Max requests per window (1–10,000)
rateLimitTimeWindowNo60000Window in milliseconds (1–3,600,000)

Response

Use the returned key exactly like a normal API key — it just won’t work outside its container scope.

Disable a scoped key

To revoke a scoped key, send a DELETE request with the id returned at creation time. This disables the key immediately — any subsequent requests using it will get a 401. Memories and container tags are not affected.
Response: