API Keys
The Transcord API uses API keys for authentication. Include your key in theAuthorization header with every request.
Getting an API Key
- Log in to your Transcord account
- Go to Settings
- Scroll to “API Access” and click Generate API Key
- Copy your key immediately - it won’t be shown again
API Key Format
All Transcord API keys start withtr_live_ followed by a random string:
Example Request
Security Best Practices
Never expose keys in client-side code
Never expose keys in client-side code
API keys should only be used in server-side code. Never include them in JavaScript that runs in the browser, mobile apps, or any code that users can inspect.
Use environment variables
Use environment variables
Store your API key in environment variables, not in your source code:
.env
Rotate keys periodically
Rotate keys periodically
Generate a new API key periodically and update your applications. This limits the impact if a key is compromised.
Revoke compromised keys immediately
Revoke compromised keys immediately
If you suspect your API key has been exposed, revoke it immediately in Settings and generate a new one.
Rate Limits
API requests are limited to 100 requests per minute per API key. If you exceed this limit, you’ll receive a429 Too Many Requests response:
OAuth 2.0 (MCP Integration)
For MCP (Model Context Protocol) integrations with Claude AI, Transcord supports OAuth 2.0 with PKCE. This allows Claude to access your recordings on your behalf. See the MCP Integration guide for setup instructions.Error Responses
401 Unauthorized
Your API key is missing, invalid, or has been revoked.- Check that you’re including the
Authorizationheader - Verify your API key is correct (starts with
tr_live_) - Generate a new key if yours was revoked
403 Forbidden
Your API key is valid but you don’t have access to the requested resource.- Make sure you’re accessing your own recordings
- Check that your subscription is active