diff --git a/src/auth/AuthContext.tsx b/src/auth/AuthContext.tsx
index 24b1b2d..b6da71b 100644
--- a/src/auth/AuthContext.tsx
+++ b/src/auth/AuthContext.tsx
@@ -13,15 +13,15 @@ export function AuthProvider({ children }: PropsWithChildren) {
     () => ({
       session,
       isAuthed: !!session,
-      login: async (centerApiBase: string, centerApiKey: string, email: string, password: string) => {
-        const next = await loginCenter(centerApiBase, centerApiKey, { email, password })
+      login: async (centerApiBase: string, email: string, password: string) => {
+        const next = await loginCenter(centerApiBase, { email, password })
         setAuthSession(next)
         setSession(next)
       },
       logout: async () => {
         if (session?.refreshToken) {
           try {
-            await logoutCenter(session.centerApiBase, session.centerApiKey, session.refreshToken)
+            await logoutCenter(session.centerApiBase, session.refreshToken)
           } catch {
             // noop
           }
@@ -33,12 +33,13 @@ export function AuthProvider({ children }: PropsWithChildren) {
         if (!session) return null
         if (!isAccessTokenStale(session.accessToken)) return session.accessToken
 
-        const refreshed = await refreshCenter(session.centerApiBase, session.centerApiKey, session.refreshToken)
+        const refreshed = await refreshCenter(session.centerApiBase, session.refreshToken)
         const next: AuthSession = {
           ...session,
           accessToken: refreshed.accessToken,
           refreshToken: refreshed.refreshToken,
           tokenType: refreshed.tokenType,
+          expiresIn: refreshed.expiresIn,
         }
         setAuthSession(next)
         setSession(next)
diff --git a/src/auth/auth-context.ts b/src/auth/auth-context.ts
index f58db38..51c816e 100644
--- a/src/auth/auth-context.ts
+++ b/src/auth/auth-context.ts
@@ -4,7 +4,7 @@ import type { AuthSession } from '../lib/auth-storage'
 export type AuthContextValue = {
   session: AuthSession | null
   isAuthed: boolean
-  login: (centerApiBase: string, centerApiKey: string, email: string, password: string) => Promise<void>
+  login: (centerApiBase: string, email: string, password: string) => Promise<void>
   logout: () => Promise<void>
   ensureFreshToken: () => Promise<string | null>
 }
diff --git a/src/lib/auth-storage.ts b/src/lib/auth-storage.ts
index 0429d0f..6cae3a3 100644
--- a/src/lib/auth-storage.ts
+++ b/src/lib/auth-storage.ts
@@ -1,9 +1,9 @@
 export type AuthSession = {
   centerApiBase: string
-  centerApiKey: string
   accessToken: string
   refreshToken: string
   tokenType: string
+  expiresIn?: number
   user: {
     id: string
     email: string
@@ -18,6 +18,7 @@ export type AuthSession = {
     guildNodeId: string
     token: string
     tokenType: string
+    expiresIn?: number
   }>
 }
 
diff --git a/src/lib/center-auth-client.ts b/src/lib/center-auth-client.ts
index 5d34915..3a7580b 100644
--- a/src/lib/center-auth-client.ts
+++ b/src/lib/center-auth-client.ts
@@ -4,22 +4,23 @@ import type { AuthSession } from './auth-storage'
 export type LoginPayload = { email: string; password: string }
 
 type LoginResponse = {
-  centerApiBase: string
   accessToken: string
   refreshToken: string
   tokenType: string
+  expiresIn?: number
   user: { id: string; email: string }
   guilds: Array<{ nodeId: string; name: string; endpoint: string; status: 'active' | 'offline' | 'revoked' }>
-  guildAccessTokens: Array<{ guildNodeId: string; token: string; tokenType: string }>
+  guildAccessTokens: Array<{ guildNodeId: string; token: string; tokenType: string; expiresIn?: number }>
 }
 
 type RefreshResponse = {
   accessToken: string
   refreshToken: string
   tokenType: string
+  expiresIn?: number
 }
 
-function centerClient(centerApiBase: string, centerApiKey: string) {
+function centerClient(centerApiBase: string) {
   const client = axios.create({
     baseURL: centerApiBase,
     timeout: 10000,
@@ -27,7 +28,6 @@ function centerClient(centerApiBase: string, centerApiKey: string) {
 
   client.interceptors.request.use((request) => {
     const requestId = crypto.randomUUID()
-    request.headers['x-api-key'] = centerApiKey
     request.headers['x-request-id'] = requestId
     request.headers['x-client-name'] = 'fabric-frontend'
     return request
@@ -36,16 +36,16 @@ function centerClient(centerApiBase: string, centerApiKey: string) {
   return client
 }
 
-export async function loginCenter(centerApiBase: string, centerApiKey: string, payload: LoginPayload): Promise<AuthSession> {
-  const res = await centerClient(centerApiBase, centerApiKey).post<LoginResponse>('/auth/login', payload)
-  return { ...res.data, centerApiBase, centerApiKey }
+export async function loginCenter(centerApiBase: string, payload: LoginPayload): Promise<AuthSession> {
+  const res = await centerClient(centerApiBase).post<LoginResponse>('/auth/login', payload)
+  return { ...res.data, centerApiBase }
 }
 
-export async function refreshCenter(centerApiBase: string, centerApiKey: string, refreshToken: string): Promise<RefreshResponse> {
-  const res = await centerClient(centerApiBase, centerApiKey).post<RefreshResponse>('/auth/refresh', { refreshToken })
+export async function refreshCenter(centerApiBase: string, refreshToken: string): Promise<RefreshResponse> {
+  const res = await centerClient(centerApiBase).post<RefreshResponse>('/auth/refresh', { refreshToken })
   return res.data
 }
 
-export async function logoutCenter(centerApiBase: string, centerApiKey: string, refreshToken: string): Promise<void> {
-  await centerClient(centerApiBase, centerApiKey).post('/auth/logout', { refreshToken })
+export async function logoutCenter(centerApiBase: string, refreshToken: string): Promise<void> {
+  await centerClient(centerApiBase).post('/auth/logout', { refreshToken })
 }
diff --git a/src/pages/LoginPage.tsx b/src/pages/LoginPage.tsx
index 238c9a3..bfdc8fc 100644
--- a/src/pages/LoginPage.tsx
+++ b/src/pages/LoginPage.tsx
@@ -7,7 +7,6 @@ export default function LoginPage() {
   const navigate = useNavigate()
   const { login, isAuthed, session } = useAuth()
   const [centerApiBase, setCenterApiBase] = useState('http://localhost:7001/api')
-  const [centerApiKey, setCenterApiKey] = useState('')
   const [email, setEmail] = useState('')
   const [password, setPassword] = useState('')
   const [error, setError] = useState('')
@@ -16,7 +15,7 @@ export default function LoginPage() {
     e.preventDefault()
     setError('')
     try {
-      await login(centerApiBase.trim(), centerApiKey.trim(), email, password)
+      await login(centerApiBase.trim(), email, password)
       navigate('/workspace')
     } catch {
       setError('Login failed. Please check your email and password.')
@@ -34,12 +33,6 @@ export default function LoginPage() {
           onChange={(e) => setCenterApiBase(e.target.value)}
           placeholder="Center API Base (e.g. http://localhost:7001/api)"
         />
-        <input
-          className="input"
-          value={centerApiKey}
-          onChange={(e) => setCenterApiKey(e.target.value)}
-          placeholder="Center API Key"
-        />
         <input className="input" value={email} onChange={(e) => setEmail(e.target.value)} placeholder="Email" type="email" />
         <input
           className="input"