API Keys

These tokens authenticate the Finlet CLI, MCP server, and any agent runtime that calls the REST surface. Treat each token like a password — it grants the access scope you select at generation time. Rotate when a token may be exposed; revoke when it is no longer needed.