Skip to main content
The platform has two auth lanes that share one base URL and one MCP endpoint.

Anonymous

The free reads - product search, the pain-points taste, and competitors - need no authentication at all. Just call the REST endpoints or point an MCP client at https://mcp.reechee.io/mcp. Anonymous access is read-only and rate-limited by IP.

API key

Everything else - opportunities, full pain-point reports, the watchlist, credit balance, and write actions - needs a paid-team API key.

Create a key

In the app, go to Settings → API keys and create one. Keys are available to paid teams (Starter and up). The full key is shown once, at creation - copy it then; it can’t be retrieved later. A key looks like: 
rch_live_3f9c…   (rch_live_ + 64 hex characters)
We store only a SHA-256 hash and a short display prefix - never the key itself.

Use a key

Send it as a bearer token. For the REST API: 
curl "https://app.reechee.io/api/v1/opportunities" \
  -H "Authorization: Bearer rch_live_your_key_here"
For the MCP server, send the same header - see the per-client quickstarts. With a valid key, the MCP exposes the full toolset and get_pain_points returns the full report.

Revoke a key

Revoke a key any time from Settings → API keys. Revocation is immediate - the next request with that key gets a 401.

Errors

A missing key on a protected endpoint, or an invalid, revoked, or expired key, returns 401 unauthorized: 
{ "success": false, "error": { "code": "unauthorized", "message": "API key required" } }
Keep keys server-side. Anyone with a key can act as your team within its limits. Treat it like a password; rotate it (create a new one, revoke the old) if it leaks.