> ## Documentation Index
> Fetch the complete documentation index at: https://docs.olira.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Settings

> Manage your team and roles, create API keys, connect MCP clients, and set organization security policies from the Console.

Settings is where organization admins manage access and where developers get credentials. What you see depends on your role: sections you can't manage are hidden.

## Team and roles

**Settings → Team** lists members and pending invites. Admins can invite teammates by email, change roles, and resend or revoke invitations.

Three roles control what a member can do:

| Role       | Capabilities                                                                              |
| ---------- | ----------------------------------------------------------------------------------------- |
| **Admin**  | Everything: organization settings, user management, and all data access.                  |
| **Dev**    | Patient data, observability tools, and user management (cannot promote members to admin). |
| **Member** | Patient data and standard clinical features.                                              |

## API keys

**Settings → API keys** is where you mint credentials for the [SDK, REST API, and CLI](/authentication):

* Create a key with a name and the scopes it needs (for example `sdk:event-log`, `api:manage-patients`, `sdk:state-read`).
* Keys are shown once at creation, so store them in a secrets manager.
* Revoke keys at any time; revocation is immediate.

<Info>
  API key management is available when enabled for your organization and requires organization-settings permission.
</Info>

## MCP

**Settings → MCP** shows your organization's [MCP Patient State server](/mcp-server) endpoint and authentication instructions for connecting agent runtimes or IDE clients.

For command-line and MCP client authentication, the Console also handles the [CLI](/cli) browser login flow: `olira login` opens the Console, you approve, and the token is handed back to your terminal.

## Security

**Settings → Security** covers organization-wide policies (admin only):

* **MFA policy**: require multi-factor authentication for all members. Individuals manage their own MFA enrollment and trusted devices under **Settings → Profile**.
* **Session timeout**: how long a session can stay idle before re-authentication.

## Organization and integrations

* **Settings → Organization**: edit the organization profile.
* **Settings → Integrations**: entry point for managed data-source integrations; see [Integrations](/send-data/integrations) for what's supported and how connections are provisioned.
* **Settings → Getting started**: the setup checklist described in the [overview](/console/overview#setup-wizard).
