API keys - Jinko Platform

API keys are the simplest way to authenticate with Jinko. They prefix with jnk_ and work everywhere, the SDK, the CLI, MCP clients, and direct REST calls. Use them for: agents, scripts, CI/CD, server-side apps, MCP clients without OAuth support. Don’t use them for: end-user-facing OAuth flows in MCP clients that support DCR (Claude Desktop, ChatGPT, Cursor, Codex, Openclaw).

Get a key

gojinko.com/dashboard/keysFirst time? You’ll be auto-onboarded via Jinko Auth, no waitlist.

Create a key

Hit Create key, name it something memorable. Default monthly quota is 1,000 requests.

Copy it once

The full key is only shown once at creation. Store it somewhere safe (1Password, your secrets manager, etc.) before navigating away.If you lose it, just rotate, make a new one and delete the old.

Use a key

SDK
CLI
MCP (any client)
REST (curl / any HTTP client)

import { createJinkoClient } from '@gojinko/api-client'
const client = await createJinkoClient({ apiKey: 'jnk_...' })

Or via env: export JINKO_API_KEY=jnk_... and call createJinkoClient() with no args.

# Persist to ~/.jinko/config.yaml
jinko auth login --key jnk_...

# Or use an env var (no login needed)
export JINKO_API_KEY=jnk_...
jinko flight-calendar --origins CDG --destinations JFK --month 2026-06

Attach as an Authorization: Bearer header on the MCP endpoint:

claude mcp add --transport http jinko https://mcp.builders.gojinko.com/mcp \
  --header "Authorization: Bearer jnk_..."

See Connect via API key for client-specific configs.

curl https://api.gojinko.com/v1/flight_search \
  -H "X-API-Key: jnk_..." \
  -H "Content-Type: application/json" \
  -d '{ "origin": "JFK", "destination": "CDG", "trip_type": "oneway", "departure_date": "2026-06-15" }'

The REST API accepts both X-API-Key: jnk_... and Authorization: Bearer jnk_.... A jnk_ key is one of two auth methods on every /v1 route — the other is WorkOS OAuth via Authorization: Bearer <oauth_token>.

Sandbox keys

Jinko runs two isolated environments — production and sandbox (test the full flow without touching prod data). They use separate keys: a jnk_ key is scoped to the environment it was created in and won’t authenticate against the other. Generate a sandbox key from the dashboard, then point your client at the matching base URL:

Surface	Production	Sandbox
REST / SDK	`https://api.gojinko.com`	`https://api.sandbox.gojinko.com`
MCP	`https://mcp.builders.gojinko.com/mcp`	`https://mcp.builders.sandbox.gojinko.com/mcp`
CLI	default	`--env sandbox`

The CLI and SDK have built-in environment switching (they store the two keys separately); for REST/MCP just use the sandbox URL above with your sandbox key.

Rotation

If a key leaks (committed to git, posted in chat, etc.):

Create a new key in the dashboard.
Update your scripts / env / config to use the new key.
Delete the old key in the dashboard. Anything still using it stops working immediately.

Always rotate; never edit a key in place. There’s no rate-limited grace period.

Quotas

Free tier: 1,000 requests / 30 days, per key. Quota counters are per key, splitting work across multiple keys doesn’t help. Need more? Email dev@gojinko.com with your use case and we’ll bump it.

Common failures

Symptom	Likely cause	Fix
`401 Unauthorized`	Key missing, mistyped, or revoked	Verify the key in the dashboard; check for whitespace at start/end
`401` with `unexpected iss claim`	You’re sending a CLI OAuth token, not an API key	Use a `jnk_*` key instead, see OAuth for why
`429 Too Many Requests`	Monthly quota exhausted	Email dev@gojinko.com or wait for the next billing window
`403 Forbidden` on a specific endpoint	Endpoint requires a higher tier or a permission your account lacks	Check the dashboard for plan info; reach out if surprised

For 4xx debugging, also check the response body, Jinko returns a structured error object with a code and message. See Errors & troubleshooting.

​Get a key

​Use a key

​Sandbox keys

​Rotation

​Quotas

​Common failures