Ktos.AspNetCore.Authentication.ApiKeyHeader 7.0.0

.NET 7.0
dotnet add package Ktos.AspNetCore.Authentication.ApiKeyHeader --version 7.0.0
NuGet\Install-Package Ktos.AspNetCore.Authentication.ApiKeyHeader -Version 7.0.0
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="Ktos.AspNetCore.Authentication.ApiKeyHeader" Version="7.0.0" />
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add Ktos.AspNetCore.Authentication.ApiKeyHeader --version 7.0.0
#r "nuget: Ktos.AspNetCore.Authentication.ApiKeyHeader, 7.0.0"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
// Install Ktos.AspNetCore.Authentication.ApiKeyHeader as a Cake Addin
#addin nuget:?package=Ktos.AspNetCore.Authentication.ApiKeyHeader&version=7.0.0

// Install Ktos.AspNetCore.Authentication.ApiKeyHeader as a Cake Tool
#tool nuget:?package=Ktos.AspNetCore.Authentication.ApiKeyHeader&version=7.0.0

Authentication for ASP.NET Core Security using HTTP header like X-APIKEY and simple single provided key.

This authentication method, while very simple, is of course not suitable for production systems due to potential insecurities. However, as fast and simple method, still could be useful in situations you don't wan't to use token-based security.

Sample usage

Configure your authentication method in Program.cs:

// ...
builder.Services.AddAuthentication(options =>
    options.DefaultAuthenticateScheme = ApiKeyHeaderAuthenticationDefaults.AuthenticationScheme;
    options.DefaultChallengeScheme = ApiKeyHeaderAuthenticationDefaults.AuthenticationScheme;
    .AddApiKeyHeaderAuthentication(options => options.ApiKey = "my-secret-api-key");

Remember about activating it later:


It requires you to authenticate to sent X-APIKEY header along with your request, with a value equal to the secret key you set in options, or the request will fail with 401 Unauthorized HTTP error.

curl -X GET \
	'http://localhost:5231/WeatherForecast' \
	-H 'X-APIKEY': 'my-secret-api-key'
var client = new RestClient();
client.BaseUrl = new Uri("http://localhost:5231/WeatherForecast");
var request = new RestRequest(RestSharp.Method.GET);
request.AddHeader("X-APIKEY", "my-secret-api-key");
var response = client.Execute(request);

Of course, you have to ensure your controller or actions are expecting user to be authenticated, for example you can use [Authorize].

Product Compatible and additional computed target framework versions.
.NET net7.0 is compatible.  net7.0-android was computed.  net7.0-ios was computed.  net7.0-maccatalyst was computed.  net7.0-macos was computed.  net7.0-tvos was computed.  net7.0-windows was computed. 
Compatible target framework(s)
Additional computed target framework(s)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last updated
7.0.0 887 11/12/2022
6.0.0 12,721 11/18/2021
5.0.0 13,911 11/10/2020
5.0.0-preview.4 269 5/20/2020
5.0.0-preview.3 255 5/20/2020
3.1.9 1,376 10/14/2020
3.1.8 468 9/12/2020
3.1.6 681 7/23/2020
3.1.4 429 5/20/2020
3.1.4-pre 269 5/13/2020
3.1.3 465 4/10/2020
3.1.3-preview 305 4/8/2020
3.1.0 436 4/8/2020
3.0.0 417 4/8/2020
3.0.0-preview 345 9/23/2019
2.2.0 459 8/16/2019
2.1.0-pre 486 12/16/2018