
Until now, a Fernand API key was all-or-nothing: whoever held it could do everything your account could. That's fine for a trusted backend script, but it's the wrong shape for the world we're now living in, one where you hand credentials to coding agents and AI assistants that act on your behalf.
So we rebuilt API keys around permissions. Every key you create now carries its own set of scopes, so you decide exactly what it can and can't do.
- Read-only keys so an agent can pull conversations, articles, and analytics without ever writing a thing
- Single-purpose keys that grant only the actions a job needs, like responding to conversations or updating knowledge base content, and nothing else
- Resource-scoped keys that limit a key to one or multiple specific permissions so its reach stops where you want it to
This is exactly what you want when working with Claude Code, Codex, Cursor, Cowork, and other AI agents. Spin up a read-only key to let an agent explore your data safely, or a tightly-scoped key so it can automate one workflow without touching anything else. If a key ever leaks, the blast radius is whatever you scoped it to, and you can revoke it in one click.
Dial each key to what it needs. Create your first scoped key from Settings, Integrations, API keys.