Skip to main content
Setup is two steps: create an API key for the website you want to expose, then plug the key into your MCP client.
1
Generate an API key
2
Each key is scoped to a single website. If you track multiple sites, create one key per site.
3
  • Open the website you want to expose and go to Settings > API keys.
  • Click Create API key.
  • Give it a descriptive name like Claude Desktop or Analyst workflow.
  • Copy the key immediately. It starts with geo_ and is only shown once.
    • 4
    Keys inherit the website’s subscription access. Treat them like passwords: never commit them, rotate if leaked via Revoke.
    5
    Point your MCP client at Hikoo
    6
    The Hikoo MCP endpoint is:
    7
    https://mcp.tryhikoo.com/mcp
    8
    It uses the streamable-HTTP transport. Pass your API key in the Authorization header.
    9
    Claude Desktop
    Edit claude_desktop_config.json:
    {
  "mcpServers": {
    "hikoo": {
      "type": "http",
      "url": "https://mcp.tryhikoo.com/mcp",
      "headers": {
        "Authorization": "Bearer geo_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
      }
    }
  }
}
    Restart Claude Desktop. You should see the Hikoo server appear in the tools menu.
    Claude Code
    Use the claude mcp add command (or edit .mcp.json):
    claude mcp add hikoo --transport http \
  --url https://mcp.tryhikoo.com/mcp \
  --header "Authorization: Bearer geo_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
    Other MCP clients
    Any client that supports the streamable HTTP transport works. Configure:
    • URL: https://mcp.tryhikoo.com/mcp
    • Header: Authorization: Bearer geo_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    Check your client’s documentation for how to supply custom headers.
    10
    Try it out
    11
    Start a new chat and ask something like:
    12
    “What are my top AI platforms citing my site this month?”
    13
    The client will use a Hikoo tool to fetch live data from your workspace and answer in context.

    Managing keys

    • List your keys on the website’s Settings > API keys page, with their last-used timestamps.
    • Revoke a key to deactivate it immediately. Clients using it will receive a 401 Unauthorized.
    • Expiration is optional. Set it when creating a key if you want automatic rotation.

    Troubleshooting

    SymptomLikely cause
    401 Invalid or expired API keyThe key was revoked, expired, or typed incorrectly. Create a fresh one.
    403 ForbiddenThe client is not sending the expected MCP headers. Verify your config.
    Tools don’t appear in ClaudeCheck the client restarted after editing the config, and the transport is set to http (not sse).
    See the tools reference for what you can ask once connected.