Product availability

Marrow provides open account creation, Console, direct HTTP, TypeScript, Python, CLI, hosted MCP, and local stdio compatibility. Choose the credential for the surface you are using; one credential never silently substitutes for another.

Surface Credential
Account creation with email, Google, or Apple Browser account flow
Account sign-in Browser Console session
Credits and usage Browser Console session or CLI session
API-key creation and lifecycle Browser Console session or CLI session
URL and file context Customer API key with ingest
Processing status Customer API key with ingest
Context retrieval Customer API key with query
Agent memory and native memory commands Customer API key with memory.read or memory.write
CLI account connection CLI session
TypeScript client Customer API key with the route's required scope
Python client Customer API key with the route's required scope
Hosted MCP Interactive authorization or a customer API key with memory.read and/or memory.write
Local stdio MCP compatibility Customer API key with memory.read and/or memory.write

Invitations are optional. An invitation link can prefill an invited email address, but it is not required; account creation is also available directly from the Account page.

API-key scopes

Create keys with the record and context scopes your app needs:

marrow api-keys create --name "Server-side app" \
  --scope ingest \
  --scope query

memory.read and memory.write are explicit opt-in scopes for agent memory and native memory exchange:

marrow api-keys create --name "Target-native app" \
  --scope ingest \
  --scope query \
  --scope memory.read \
  --scope memory.write

Grant native memory scopes only to apps and agents that need those operations. Agent and native memory are available across direct HTTP, TypeScript, Python, CLI, hosted MCP, and local stdio MCP. Hosted MCP is the recommended MCP path for clients that support remote Streamable HTTP. marrow mcp is the compatibility path for clients that require a local stdio server. Both MCP transports expose the same 15 tools and the same hosted account state.

Each read or write remains scoped to the authenticated account and the credential's memory.read or memory.write permission. Accepted message writes enter the account's processing queue; event and queue status make read eligibility visible. Claim correction and withdrawal are synchronous, revision-guarded history mutations. Reads return citations or an explicit evidence gap, and claim history preserves corrections, withdrawals, and supersession.

Interactive MCP authorization creates a connected application in Console. The connection authorizes the full hosted 15-tool resource for that account. Disconnecting it revokes that application's access without changing browser sessions or customer API keys. Use a customer API key when a server-managed client needs narrower memory.read or memory.write authority.

Activation path

  1. Create an account or sign in from the Marrow Account page.
  2. Continue to Console and review the account-reported credit balance.
  3. Create a copy-once API key with ingest and query in Console.
  4. Store the key server-side as MARROW_API_KEY.
  5. Submit one supported URL or file.
  6. Wait for the processing job to reach a terminal state.
  7. Retrieve context from the server-side path.
  8. Handle citations, warnings, and insufficient evidence.

For MCP, connect to https://mcp.marrow.id. Use interactive authorization for a person connecting an MCP client to their Marrow account. Use a scoped customer API key for a server-managed client whose team owns credential rotation. Do not put either credential in a URL or prompt.

Signing in does not mint a customer API key. Customer API keys do not sign in to account-management routes. Browser sessions, CLI sessions, customer API keys, and service credentials are separate authority classes.