> ## Documentation Index
> Fetch the complete documentation index at: https://recipe.uselettuce.dev/llms.txt
> Use this file to discover all available pages before exploring further.

# Accounts & API keys

> Sign up, manage your team, and issue API keys.

## Accounts and teams

An account is a **team**. Sign up at
[uselettuce.dev/signup](https://uselettuce.dev/signup) with
email + password. The first person to sign in owns a new account.

Owners invite teammates by email from the
[Team page](https://uselettuce.dev/team) — an invited teammate
shows up as *pending* until they sign up with that email, then joins the
account automatically.

Roles:

* **owner** — full access, including team management.
* **member** — uses the product; cannot manage the team.

## API keys

API keys (`cwz_…`) authenticate **coding agents** — they are separate
from your human login. Create one per agent / machine / teammate; revoke
any that leak.

### Create a new key

<Steps>
  <Step title="Open the API keys page">
    Go to [uselettuce.dev/keys](https://uselettuce.dev/keys).
  </Step>

  <Step title="Click New key">
    Pick a name you'll recognise — e.g. `claude-code-macbook`,
    `cursor-work-laptop`, `ci-deploy`. The name is just for you; it
    appears on the keys list.
  </Step>

  <Step title="Copy the full key">
    The full `cwz_…` value is shown **once**, right after creation. Copy
    it into your password manager or paste it straight into your agent's
    config. You cannot retrieve it later.
  </Step>
</Steps>

<Note>
  Keys are stored hashed, never in plain text. A lost key cannot be
  recovered — revoke it and create a new one.
</Note>

### Use the key

Pass it to a coding agent in the `Authorization` header — exact
per-agent snippets on the [Connect your agent](/connect-agents) page.
Quick reference:

```bash theme={null}
claude mcp add --transport http lettuce https://diet.uselettuce.dev/mcp \
  --header "Authorization: Bearer cwz_<your-key>"
```

### Revoke a key

Open [uselettuce.dev/keys](https://uselettuce.dev/keys),
find the key in the list, click **Revoke**. Any agent or CLI still using
it stops working immediately. Create a fresh key to replace it.

## How it all ties together

The browser web app and your coding agents all reach the same service.
Your **email + password** logs *you* in to the dashboard; the **API
key** logs your *agent* in. Both resolve to the same account, so both
see the same repos and usage.
