MCP
Overview
MCP (Model Context Protocol) API keys let you programmatically access UptimeObserver monitoring data through our API. Use these keys to integrate UptimeObserver with AI assistants, automation tools, and custom applications.
How MCP API Keys Work
MCP API keys provide authenticated access to the UptimeObserver API endpoint. Each key:
- Is prefixed with
uo_for easy identification - Is shown only once upon creation — store it securely
- Can be rotated to generate a new key without downtime
- Can be revoked to immediately disable access
Authentication
MCP API keys can be passed in either of two formats:
Header Authentication
X-API-Key: uo_yourkeyhere
Bearer Token Authentication
Authorization: Bearer uo_yourkeyhere
JWT Not Accepted
The /api/mcp endpoint only accepts MCP API keys. Standard JWT tokens are not valid for MCP access.
Creating an MCP API Key
- Go to UptimeObserver and log in to your account.
- Navigate to the Integrations section from your dashboard.
- Choose MCP from the list of available integrations.
- Click Create Key.
One-Time Display
The generated key is shown only once in a modal dialog. Copy and store it securely before closing the modal. If you lose the key, you'll need to rotate it to get a new one.
- Copy the key and store it in a secure location (password manager, environment variables, or secrets manager).
Using the MCP Endpoint
Endpoint
POST https://mcp.uptimeobserver.com/mcp
Example Request
curl -X POST https://mcp.uptimeobserver.com/mcp \
-H "X-API-Key: uo_yourkeyhere" \
-H "Content-Type: application/json"
Or using Bearer authentication:
curl -X POST https://mcp.uptimeobserver.com/mcp \
-H "Authorization: Bearer uo_yourkeyhere" \
-H "Content-Type: application/json"
Managing API Keys
Rotating a Key
Rotating generates a new key while keeping the old one active until the new one is confirmed. Use rotation for routine key updates without service interruption:
- Navigate to Integrations → MCP in your dashboard.
- Click Rotate next to the key you want to replace.
- A new key is generated. Copy and store it securely.
- Update your applications to use the new key.
- The old key remains valid until you explicitly revoke it.
Revoking a Key
Revoking immediately disables an API key. All applications using that key will lose access:
- Navigate to Integrations → MCP in your dashboard.
- Click Revoke next to the key you want to disable.
- Confirm the revocation in the dialog.
Irreversible
Revoked keys cannot be recovered. You'll need to create a new key if you want to restore access.
Security Best Practices
- Store keys securely — Use a password manager, environment variables, or a secrets manager. Never commit keys to source control
- Rotate regularly — Rotate keys periodically as part of your security hygiene
- Revoke compromised keys immediately — If a key is exposed, revoke it and create a new one
- Use separate keys per application — Create distinct keys for different tools or environments
- Apply least privilege — Only share keys with applications that need them
Use Cases
- AI Assistant Integration — Connect monitoring data to AI-powered observability tools via the MCP protocol
- Custom Dashboards — Build internal status dashboards that pull real-time monitor data
- Automation Workflows — Trigger automated responses based on monitor status changes
- CI/CD Integration — Verify service health as part of your deployment pipeline
Troubleshooting
401 Unauthorized
- Verify the API key is correct and hasn't been revoked
- Ensure you're using either
X-API-Keyheader orAuthorization: Bearerheader (not both) - Check that the key prefix
uo_is included - JWT tokens are not accepted on the MCP endpoint
403 Forbidden
- The API key may have been revoked. Check the MCP dashboard for the key's status
- Your account may not have permission to access the MCP endpoint
Lost or Forgotten Key
- MCP keys are shown only once upon creation
- If you lose a key, rotate it to generate a new one, then update your applications
Need Help?
If you need assistance with MCP API keys, reach out using the "Need Help?" button on the bottom right corner or email us at support@uptimeobserver.com.