Skip to content

MCP

Overview

MCP (Model Context Protocol) API keys let you programmatically access UptimeObserver monitoring data through our API. Use these keys to integrate UptimeObserver with AI assistants, automation tools, and custom applications.


How MCP API Keys Work

MCP API keys provide authenticated access to the UptimeObserver API endpoint. Each key:

  • Is prefixed with uo_ for easy identification
  • Is shown only once upon creation — store it securely
  • Can be rotated to generate a new key without downtime
  • Can be revoked to immediately disable access

Authentication

MCP API keys can be passed in either of two formats:

Header Authentication

X-API-Key: uo_yourkeyhere

Bearer Token Authentication

Authorization: Bearer uo_yourkeyhere

JWT Not Accepted

The /api/mcp endpoint only accepts MCP API keys. Standard JWT tokens are not valid for MCP access.


Creating an MCP API Key

  1. Go to UptimeObserver and log in to your account.
  2. Navigate to the Integrations section from your dashboard.
  3. Choose MCP from the list of available integrations.
  4. Click Create Key.

One-Time Display

The generated key is shown only once in a modal dialog. Copy and store it securely before closing the modal. If you lose the key, you'll need to rotate it to get a new one.

  1. Copy the key and store it in a secure location (password manager, environment variables, or secrets manager).

Using the MCP Endpoint

Endpoint

POST https://mcp.uptimeobserver.com/mcp

Example Request

curl -X POST https://mcp.uptimeobserver.com/mcp \
  -H "X-API-Key: uo_yourkeyhere" \
  -H "Content-Type: application/json"

Or using Bearer authentication:

curl -X POST https://mcp.uptimeobserver.com/mcp \
  -H "Authorization: Bearer uo_yourkeyhere" \
  -H "Content-Type: application/json"

Managing API Keys

Rotating a Key

Rotating generates a new key while keeping the old one active until the new one is confirmed. Use rotation for routine key updates without service interruption:

  1. Navigate to Integrations → MCP in your dashboard.
  2. Click Rotate next to the key you want to replace.
  3. A new key is generated. Copy and store it securely.
  4. Update your applications to use the new key.
  5. The old key remains valid until you explicitly revoke it.

Revoking a Key

Revoking immediately disables an API key. All applications using that key will lose access:

  1. Navigate to Integrations → MCP in your dashboard.
  2. Click Revoke next to the key you want to disable.
  3. Confirm the revocation in the dialog.

Irreversible

Revoked keys cannot be recovered. You'll need to create a new key if you want to restore access.


Security Best Practices

  • Store keys securely — Use a password manager, environment variables, or a secrets manager. Never commit keys to source control
  • Rotate regularly — Rotate keys periodically as part of your security hygiene
  • Revoke compromised keys immediately — If a key is exposed, revoke it and create a new one
  • Use separate keys per application — Create distinct keys for different tools or environments
  • Apply least privilege — Only share keys with applications that need them

Use Cases

  • AI Assistant Integration — Connect monitoring data to AI-powered observability tools via the MCP protocol
  • Custom Dashboards — Build internal status dashboards that pull real-time monitor data
  • Automation Workflows — Trigger automated responses based on monitor status changes
  • CI/CD Integration — Verify service health as part of your deployment pipeline

Troubleshooting

401 Unauthorized

  • Verify the API key is correct and hasn't been revoked
  • Ensure you're using either X-API-Key header or Authorization: Bearer header (not both)
  • Check that the key prefix uo_ is included
  • JWT tokens are not accepted on the MCP endpoint

403 Forbidden

  • The API key may have been revoked. Check the MCP dashboard for the key's status
  • Your account may not have permission to access the MCP endpoint

Lost or Forgotten Key

  • MCP keys are shown only once upon creation
  • If you lose a key, rotate it to generate a new one, then update your applications

Need Help?

If you need assistance with MCP API keys, reach out using the "Need Help?" button on the bottom right corner or email us at support@uptimeobserver.com.