> ## Documentation Index
> Fetch the complete documentation index at: https://docs.ai2fin.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Generate API Key

> Generate an API key for the MCP Inspector endpoint (/mcp/inspector). Requires admin authentication. API keys carry mcp:* scopes and are not accepted on the REST API. API key is only shown once - save it immediately.



## OpenAPI

````yaml /api-reference/openapi.json post /api/admin/api-keys
openapi: 3.1.0
info:
  title: AI2Fin Financial Management API
  description: >-
    Financial management platform with AI-powered categorization, tax
    optimization, and bill management.
  version: 1.0.0
  contact:
    name: AI2Fin Support
    url: https://ai2fin.com
  license:
    name: Proprietary
servers:
  - url: https://api.ai2fin.com
    description: Production
  - url: http://localhost:3001
    description: Local Development
security:
  - bearerAuth: []
  - cookieAuth: []
tags:
  - name: Authentication
    description: User authentication and authorization
  - name: Bank Transactions
    description: >-
      First-party endpoints for managing your own transactions and CSV imports.
      These return your own account data in your own authenticated session; they
      are not a third-party integration surface. Data synced from connected bank
      feeds (open-banking / CDR data) stays within your account and is only ever
      returned to you.
  - name: Bills & Recurring Payments
    description: Bill management with pattern recognition and auto-linking
  - name: Expenses
    description: Expense tracking with tax deduction support
  - name: AI Services
    description: AI-powered categorization and tax analysis
  - name: Automation
    description: Custom rules engine for automated workflows
  - name: Categories
    description: Transaction and expense category management
  - name: Smart Categories
    description: >-
      Category sets, multi-category assignments, and transaction history (Elite+
      only)
  - name: Analytics & Reports
    description: Financial analytics and tax report generation
  - name: Travel & Vehicles
    description: Vehicle registration and business trip tracking
  - name: Search
    description: AI-powered unified search across all entities
  - name: Subscription
    description: Subscription and quota management
  - name: AI Analysis
    description: AI-driven categorization and tax analysis endpoints
  - name: AI Assistant
    description: Chat conversations, messaging, and assistant file handling
  - name: GST & Tax
    description: Global GST/VAT rate lookup and calculations
  - name: Receipts & Attachments
    description: Receipt ingestion, AI analysis, and linkage APIs
  - name: MCP Server
    description: >-
      Model Context Protocol endpoints for AI integrations. Finance MCP server
      with 65+ tools for expense tracking, tax deductions, bill management, and
      financial analysis. Supports OAuth (JWT) and API key authentication.
paths:
  /api/admin/api-keys:
    post:
      tags:
        - Authentication
      summary: Generate API Key
      description: >-
        Generate an API key for the MCP Inspector endpoint (/mcp/inspector).
        Requires admin authentication. API keys carry mcp:* scopes and are not
        accepted on the REST API. API key is only shown once - save it
        immediately.
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required:
                - name
                - scopes
              properties:
                name:
                  type: string
                  example: MCP Inspector - Production
                scopes:
                  type: array
                  items:
                    type: string
                    enum:
                      - mcp:read
                      - mcp:tools:list
                      - mcp:tools:call
                      - mcp:resources:read
                      - mcp:full
                      - '*'
                  example:
                    - mcp:read
                    - mcp:tools:list
                expiresInDays:
                  type: integer
                  default: 90
                  example: 90
      responses:
        '201':
          description: API key created
          content:
            application/json:
              schema:
                type: object
                properties:
                  success:
                    type: boolean
                  data:
                    type: object
                    properties:
                      id:
                        type: string
                      name:
                        type: string
                      key:
                        type: string
                        description: API key - only shown once!
                      scopes:
                        type: array
                        items:
                          type: string
                      expiresAt:
                        type: string
                      createdAt:
                        type: string
        '401':
          description: Unauthorized - Admin access required
      security:
        - bearerAuth: []
components:
  securitySchemes:
    bearerAuth:
      type: http
      scheme: bearer
      bearerFormat: JWT
      description: >-
        First-party access token for your own signed-in session, obtained from
        the /api/enterprise-auth/login endpoint. The REST API returns your own
        account data to you — it is a first-party consumer surface, not a
        third-party integration channel. Data from connected bank feeds
        (open-banking / CDR data) is your own data, returned only to you in your
        own authenticated session.
    cookieAuth:
      type: apiKey
      in: cookie
      name: ai2_sess
      description: Session cookie for web applications

````