Ktos.AspNetCore.Authentication.ApiKeyHeader
7.0.0
dotnet add package Ktos.AspNetCore.Authentication.ApiKeyHeader --version 7.0.0
NuGet\Install-Package Ktos.AspNetCore.Authentication.ApiKeyHeader -Version 7.0.0
<PackageReference Include="Ktos.AspNetCore.Authentication.ApiKeyHeader" Version="7.0.0" />
paket add Ktos.AspNetCore.Authentication.ApiKeyHeader --version 7.0.0
#r "nuget: Ktos.AspNetCore.Authentication.ApiKeyHeader, 7.0.0"
// Install Ktos.AspNetCore.Authentication.ApiKeyHeader as a Cake Addin #addin nuget:?package=Ktos.AspNetCore.Authentication.ApiKeyHeader&version=7.0.0 // Install Ktos.AspNetCore.Authentication.ApiKeyHeader as a Cake Tool #tool nuget:?package=Ktos.AspNetCore.Authentication.ApiKeyHeader&version=7.0.0
Authentication for ASP.NET Core Security using HTTP header like X-APIKEY
and
simple single provided key.
This authentication method, while very simple, is of course not suitable for production systems due to potential insecurities. However, as fast and simple method, still could be useful in situations you don't wan't to use token-based security.
Sample usage
Configure your authentication method in Program.cs
:
// ...
builder.Services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = ApiKeyHeaderAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = ApiKeyHeaderAuthenticationDefaults.AuthenticationScheme;
})
.AddApiKeyHeaderAuthentication(options => options.ApiKey = "my-secret-api-key");
Remember about activating it later:
app.UseAuthentication();
app.UseAuthorization();
It requires you to authenticate to sent X-APIKEY
header along with your
request, with a value equal to the secret key you set in options, or the request
will fail with 401 Unauthorized
HTTP error.
curl -X GET \
'http://localhost:5231/WeatherForecast' \
-H 'X-APIKEY': 'my-secret-api-key'
var client = new RestClient();
client.BaseUrl = new Uri("http://localhost:5231/WeatherForecast");
var request = new RestRequest(RestSharp.Method.GET);
request.AddHeader("X-APIKEY", "my-secret-api-key");
var response = client.Execute(request);
Of course, you have to ensure your controller or actions are expecting user to
be authenticated, for example you can use [Authorize]
.
Product | Versions Compatible and additional computed target framework versions. |
---|---|
.NET | net7.0 is compatible. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 was computed. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. |
-
net7.0
- Microsoft.Extensions.Options (>= 7.0.0)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.
Version | Downloads | Last updated |
---|---|---|
7.0.0 | 10,722 | 11/12/2022 |
6.0.0 | 46,039 | 11/18/2021 |
5.0.0 | 18,197 | 11/10/2020 |
5.0.0-preview.4 | 300 | 5/20/2020 |
5.0.0-preview.3 | 292 | 5/20/2020 |
3.1.9 | 1,501 | 10/14/2020 |
3.1.8 | 562 | 9/12/2020 |
3.1.6 | 763 | 7/23/2020 |
3.1.4 | 499 | 5/20/2020 |
3.1.4-pre | 329 | 5/13/2020 |
3.1.3 | 540 | 4/10/2020 |
3.1.3-preview | 350 | 4/8/2020 |
3.1.0 | 495 | 4/8/2020 |
3.0.0 | 487 | 4/8/2020 |
3.0.0-preview | 387 | 9/23/2019 |
2.2.0 | 555 | 8/16/2019 |
2.1.0-pre | 534 | 12/16/2018 |