API Access & MCP

Create API keys and connect AI assistants to dialnote with MCP

dialnote has a public API so you can read your call data from your own apps, scripts, or an AI assistant. You create a scoped key, send it as a bearer token, and pull contacts, conversations, call logs, and more. If you'd rather push events out of dialnote instead of pulling them in, look at Webhooks or Zapier for the write-side automation.

This guide covers three things: creating API keys, the read-only key option, and connecting an AI assistant over MCP.

Creating an API Key#

Go to Settings → API Keys and click Create API Key. Give the key a name you'll recognize later (e.g. "Reporting script" or "Claude Desktop"), then create it.

The full key is shown once, at creation. It starts with dn_live_. Copy it and store it somewhere safe—a password manager or your app's secrets store. dialnote can't show it to you again, so if you lose it you'll have to create a new one.

A few things worth knowing:

  • Keys are org-scoped — a key works for your whole organization, not a single user.
  • You can have up to 25 active keys per org.
  • You can revoke any key anytime from the same screen. A revoked key stops working right away.

Authenticating#

Send the key as a bearer token on every request to the public API:

bash
curl https://api.dialnote.com/v1/contacts \
  -H "Authorization: Bearer dn_live_your_key_here"

That's it—no other setup. The API returns JSON.

Read-Only Keys#

When you create a key, you can turn on the Read-only key toggle in the Create API Key modal. A read-only key can read your data but can't change anything.

Reads work as normal—listing and fetching contacts, conversations, call logs, messages, recordings, and notes all return 200. Writes are blocked. Anything that would create, update, delete, or send returns:

HTTP 403
{ "error": "INSUFFICIENT_PERMISSIONS" }

So POST /messages, POST /contacts, PATCH /contacts/:id, and DELETE /contacts/:id all get a 403 on a read-only key. Only a full-access key can run those.

Once created, a read-only key shows a Read-only badge—both on the created-key screen and in the key list—so you can tell at a glance which keys are scoped.

When to use read-only#

Reach for a read-only key any time a key leaves your own trusted code—third-party software, a partner's app, or an AI agent. It caps the blast radius if the key ever leaks. A leaked full-access key could place calls or send messages on your dime; a leaked read-only key can only read. For anything that just needs to look at your data, read-only is the safer default.

What a read-only key can access#

ResourceReadNotes
ContactsList and get
ConversationsList and get
Call LogsDuration, direction, status
Conversation NotesNotes on a conversation
Contact NotesNotes on a contact
MessagesMessage history (sending is a write)
RecordingsRecording URL and metadata

Connect an AI Assistant over MCP#

MCP (Model Context Protocol) is a standard way for AI assistants to call your tools and data. Instead of copying call notes into a chat by hand, the assistant connects to dialnote directly and reads what it needs, when it needs it.

The model is simple: the assistant connects to the dialnote MCP server using a read-only dn_live_ key. From there it can read your contacts, conversations, call logs, and the rest of the resources above—on request, during a conversation. Because the key is read-only, writes stay blocked. The assistant can't send a message or delete a contact even if asked; those attempts come back as 403 INSUFFICIENT_PERMISSIONS.

This works with any MCP client—Claude Desktop, Cursor, Retell voice agents, or a custom app. Point the client at the dialnote MCP server and pass your read-only key as an environment variable:

json
{
  "mcpServers": {
    "dialnote": {
      "command": "npx",
      "args": ["-y", "@dialnote/mcp-server"],
      "env": {
        "DIALNOTE_API_KEY": "dn_live_your_read_only_key_here"
      }
    }
  }
}

What to expect#

  • Read-only today — the assistant can read contacts, conversations, call logs, notes, messages, and recording metadata.
  • Writes are a later step — write tools (like sending a message) would need a full-access key and will be a separate, confirmation-gated feature. They aren't part of the read-only MCP setup.

Next Steps#

We use cookies for analytics, ads, and to remember your preferences. Privacy Policy