From 85e12a0ddc8bac151d8b6a01f1e62febdac56f92 Mon Sep 17 00:00:00 2001 From: Devansh Dubey Date: Tue, 17 Mar 2026 16:08:16 +0530 Subject: [PATCH] fix(mcp-service-docs): removed the service keys are not supported thing --- product/mcp-gateway/authentication/oauth.mdx | 3 --- product/mcp-gateway/internal-mcp-servers.mdx | 3 --- product/mcp-gateway/quickstart.mdx | 4 ---- 3 files changed, 10 deletions(-) diff --git a/product/mcp-gateway/authentication/oauth.mdx b/product/mcp-gateway/authentication/oauth.mdx index 18df843c..2263b97f 100644 --- a/product/mcp-gateway/authentication/oauth.mdx +++ b/product/mcp-gateway/authentication/oauth.mdx @@ -101,9 +101,6 @@ Portkey's OAuth works alongside external OAuth. Portkey determines the authentic | External IdP token | External OAuth 2.0 validation | | Nothing | Portkey OAuth 2.1 flow | - -When using API key authentication, only **user API keys** work with MCP Gateway. Service API keys are not supported. - ## Security considerations diff --git a/product/mcp-gateway/internal-mcp-servers.mdx b/product/mcp-gateway/internal-mcp-servers.mdx index c611ab60..962851e0 100644 --- a/product/mcp-gateway/internal-mcp-servers.mdx +++ b/product/mcp-gateway/internal-mcp-servers.mdx @@ -152,9 +152,6 @@ Three ways for users to authenticate to Portkey: **Portkey API Key** — Create keys in **Settings → API Keys**. Keys are scoped to workspaces. - -When using API key authentication, only **user API keys** work with MCP Gateway. Service API keys are not supported. - ```json { diff --git a/product/mcp-gateway/quickstart.mdx b/product/mcp-gateway/quickstart.mdx index 586c2ad0..73b7e62e 100644 --- a/product/mcp-gateway/quickstart.mdx +++ b/product/mcp-gateway/quickstart.mdx @@ -118,10 +118,6 @@ Add a new MCP server that points to the Portkey URL. You have two authentication When creating your workspace API key, ensure it has **MCP Invoke** permissions enabled. - - Only **user API keys** work with MCP Gateway. Service API keys are not supported. - - **Best for:** CI/CD pipelines, backend services, or automated agents where interactive OAuth isn't possible.