Sessions, grants, and activity

View and manage every device, OAuth grant, and personal API key tied to your account.

The Sessions panel under Settings → Personal → API keys & apps is the one place to see — and revoke — anything that can act as you in Monad. That includes:

Browser sessions — every device you're signed into.
Personal API keys — long-lived credentials you minted.
Connected apps — OAuth grants for Claude, ChatGPT, MCP Inspector, and any other app that completed the consent flow.

What each row shows

For OAuth grants:

The app's name and logo. Well-known apps like Claude and ChatGPT show their familiar icon; other apps show the logo they provided, or their initials if they didn't provide one. Names and logos are self-reported by the developer — treat them like the name on a business card.
When you granted access.
When the app last used the credentials.
A Revoke button.

For API keys:

The name you gave the key.
The first dozen characters of the key (so you can identify which one is which without seeing the full secret).
When the key was last used.
A Revoke button.

Revoke

Tap Revoke on any row. The change takes effect on the next request — there is no caching layer to wait out. Revocation is permanent: a revoked key or grant can never be re-enabled. To restore access, mint a new key (for an API key) or repeat the OAuth flow (for an app).

Activity history

Each connected app and API-key row has an Activity link that opens a paginated history of every tool call made through that credential. Each row shows the tool name, the timestamp, whether the call succeeded, and how long it took. Args are summarised — we deliberately don't keep a full copy of every message body or canvas edit you sent through MCP.

If you see a call you don't recognise, revoke the credential and mint a fresh one.

What each row shows#

Revoke#

Activity history#

What each row shows

Revoke

Activity history