API keys
API keys authenticate OpenAI-compatible API calls, native agent streaming, and MCP traffic. The key value is shown once when created; Cortexa stores only a hash for future verification.
Revocation is shared
Revoking a key disables it everywhere: API clients, MCP desktop configs, remote MCP clients, and any automation using that token.
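An added sketch, not Cortexa's own code, of the two behaviours described above: the token is returned once while only its hash is stored, and every surface checks the same record so a single revocation applies everywhere. The `demo_` token format, the use of SHA-256, the surface labels, and all class and function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

SURFACES = ("openai_api", "agent_stream", "mcp")  # assumed labels for the traffic types


def _digest(token):
    # A fast hash is acceptable only because the token carries 256 bits of randomness.
    return hashlib.sha256(token.encode()).hexdigest()


class KeyStore:
    def __init__(self):
        self.records = {}  # key_id -> {"name", "digest", "revoked"}; never the token

    def issue(self, name):
        key_id = secrets.token_hex(4)
        token = f"demo_{key_id}_{secrets.token_urlsafe(32)}"  # constructed format
        self.records[key_id] = {"name": name, "digest": _digest(token), "revoked": False}
        return key_id, token  # token is shown once and cannot be rebuilt from the store

    def verify(self, token):
        parts = token.split("_", 2)
        if len(parts) != 3 or parts[0] != "demo":
            return False
        record = self.records.get(parts[1])
        if record is None or record["revoked"]:
            return False
        # Constant-time comparison of the stored hash with the presented token's hash.
        return hmac.compare_digest(record["digest"], _digest(token))

    def revoke(self, key_id):
        self.records[key_id]["revoked"] = True


def authorize(store, surface, token):
    # Every surface consults the same record, so there is no per-surface state to miss.
    return surface in SURFACES and store.verify(token)


if __name__ == "__main__":
    store = KeyStore()
    key_id, token = store.issue("ci-pipeline")
    print([authorize(store, s, token) for s in SURFACES])
    store.revoke(key_id)
    print([authorize(store, s, token) for s in SURFACES])
```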
Research data
The security model is easiest to understand by separating source material, generated artifacts, and operational metadata.
Uploaded files
Files are used to ground research sessions and analysis workflows. Keep sensitive data scoped to the team that needs it.
Generated outputs
Briefs, presentations, analysis outputs, and citations stay connected to the session that produced them.
Usage metadata
Cortexa records enough metadata to support billing, abuse prevention, debugging, and admin visibility.
Research disclaimer
Cortexa provides research context only. It is not medical, legal, financial, or regulatory advice.
Operational controls
Use named API keys, rotate keys when ownership changes, review organization access regularly, and separate development credentials from production clients.