# BeefAPI Authentication for Agents BeefAPI uses account-managed API tokens for model requests. The public discovery and MCP tools are anonymous, read-only, and do not require a token. ## Account and token setup 1. Open https://beefapi.com/register and create a BeefAPI account. 2. Sign in and recharge through the authenticated BeefAPI dashboard. 3. Create an API token and assign the group that provides the required model. 4. Send the token to compatible API endpoints as `Authorization: Bearer YOUR_BEEFAPI_TOKEN`. 5. For Anthropic-compatible clients, follow the client guide when an `x-api-key` header is required. ## Agent safety rules - Never ask a user to paste an API token into public chat, logs, URLs, MCP arguments, or third-party forms. - Never publish or persist a user's token. - Public MCP tools cannot create accounts, recharge balances, create tokens, inspect private logs, or call paid models. - Account-specific model access, private discounts, quota, and final billing require the authenticated dashboard or API. - A `401` response means the client should ask the user to verify authentication locally; it must not expose the credential while troubleshooting. ## Canonical references - Quickstart: https://beefapi.com/docs/onboarding/00-quickstart.md - Client setup: https://beefapi.com/docs/onboarding/40-clients.md - API contract: https://beefapi.com/openapi.json - Public pricing: https://beefapi.com/pricing.json - Public read-only MCP: https://beefapi.com/mcp BeefAPI is not currently an OAuth authorization server for API access. Agents must not invent OAuth discovery metadata or attempt autonomous account registration.