Appa Tools documentation for MCP Studio, including setup, guides, concepts, and API-related reference content.

Skip to main content

Sign In & Get Credentials

Create Your Developer Account

To access the developer portal and manage your SDK configuration, sign in with either GitHub or Google at the sign-in page.

When you sign in for the first time, a developer account is automatically created with a unique Client ID and Client Secret.

Your Credentials

After signing in, you'll see your credentials in the developer portal:

  • Client ID — A public identifier for your integration. This is included in the embed snippet and is safe to expose in client-side code.
  • Client Secret — A private key used for server-to-server API calls. Never expose this in client-side code or public repositories.

Regenerating Your Secret

If your Client Secret is compromised, you can regenerate it from the developer portal. Click the Regenerate button on the credentials card. The old secret is immediately invalidated.

warning

Regenerating your secret will invalidate all existing server-to-server API calls using the old secret. Update your environment variables immediately after regenerating.

Security Best Practices

  • Client ID is public — it can be included in frontend code
  • Client Secret is private — only use it in server-side code or environment variables
  • Custom domains — if you configure a custom domain, requests from other origins will be rejected
  • Rotate secrets — if you suspect a compromise, regenerate immediately from the portal