Skip to main content

Sign in

1

Open app.yambr.com

Go to app.yambr.com and click Sign in. Two providers: GitHub and Google. There is no email + password flow.
2

Request approval

New accounts land in a queue. We eyeball requests and approve most of them quickly — ping us on Telegram if it’s urgent. Once approved, your default $10 / 30-day budget is activated and your first key is issued.
3

Dashboard

You land on the dashboard: list of your keys, live spend per key, and copy-paste integration snippets for Claude Desktop, OpenAI SDK, n8n, and Cursor.

What a key is (and isn’t)

A Yambr key unlocks the public MCP endpoint at https://api.yambr.com/mcp/computer_use — that’s the Computer Use tools (bash_tool, view, create_file, str_replace, sub_agent) plus the sandbox that runs them.
A Yambr key is not a model key. We don’t resell OpenAI / Anthropic / Google inference. You bring your own model provider and use our key only for the MCP tool server. See Access model for why.

Key format & limits

  • Display format — the full key is shown once on creation; afterwards the dashboard shows only sk-...{last-4}. Copy it into your secret manager immediately.
  • Per-user cap — up to 5 active keys per account.
  • Budget — each key has its own max_budget, default $10, rolling 30d window. Live spend is displayed as a progress bar per key.
  • Concurrencymax_parallel_requests: 5 per key. Higher concurrency on request.

Create, revoke, reissue

From the dashboard:
  • Create key — name it (local-dev, prod-backend, …). The full value appears once; copy it. The row then shows the alias, creation date, budget, and live spend.
  • Revoke — immediate. In-flight requests fail with 401 Unauthorized.
  • Reissue — rotates the key, keeping the same budget and alias slot. Old value becomes invalid the moment the new one is shown.

Use the key

The key is a Bearer token against the MCP endpoint. Three canonical shapes: 
{
  "mcpServers": {
    "yambr-computer-use": {
      "url": "https://api.yambr.com/mcp/computer_use",
      "transport": "streamable-http",
      "headers": {
        "Authorization": "Bearer sk-yambr-..."
      }
    }
  }
}
The dashboard ships copy-paste snippets for Claude Desktop, OpenAI SDK, n8n / Make, and Cursor — always use those as the source of truth for the exact shape your tools expect.

Security

Treat Yambr keys like database passwords:
  • Never commit them to git. Use .env + .gitignore, or a secret manager (Doppler, 1Password, Vault).
  • Never ship them to a browser. Call the MCP endpoint only from your backend / agent host. If you need a browser-visible token, proxy through your own API.
  • Rotate on exposure. Revoke in the dashboard and issue a fresh one — the alias slot stays.

Quotas

  • Budget exhaustion (max_budget hit): requests return 429 until the 30-day window rolls, or until the budget is raised. The dashboard shows remaining spend live.
  • Concurrency exhaustion (max_parallel_requests): extra requests return 429 immediately; retry after the current tool call completes.
Need a higher limit? Open an issue or message us on Telegram.