Ktos.AspNetCore.Authentication.ApiKeyHeader 7.0.0

.NET 7.0
dotnet add package Ktos.AspNetCore.Authentication.ApiKeyHeader --version 7.0.0
NuGet\Install-Package Ktos.AspNetCore.Authentication.ApiKeyHeader -Version 7.0.0
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="Ktos.AspNetCore.Authentication.ApiKeyHeader" Version="7.0.0" />
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add Ktos.AspNetCore.Authentication.ApiKeyHeader --version 7.0.0
#r "nuget: Ktos.AspNetCore.Authentication.ApiKeyHeader, 7.0.0"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
// Install Ktos.AspNetCore.Authentication.ApiKeyHeader as a Cake Addin
#addin nuget:?package=Ktos.AspNetCore.Authentication.ApiKeyHeader&version=7.0.0

// Install Ktos.AspNetCore.Authentication.ApiKeyHeader as a Cake Tool
#tool nuget:?package=Ktos.AspNetCore.Authentication.ApiKeyHeader&version=7.0.0

Authentication for ASP.NET Core Security using HTTP header like X-APIKEY and simple single provided key.

This authentication method, while very simple, is of course not suitable for production systems due to potential insecurities. However, as fast and simple method, still could be useful in situations you don't wan't to use token-based security.

Sample usage

Configure your authentication method in Program.cs:

// ...
builder.Services.AddAuthentication(options =>
{
    options.DefaultAuthenticateScheme = ApiKeyHeaderAuthenticationDefaults.AuthenticationScheme;
    options.DefaultChallengeScheme = ApiKeyHeaderAuthenticationDefaults.AuthenticationScheme;
})
    .AddApiKeyHeaderAuthentication(options => options.ApiKey = "my-secret-api-key");

Remember about activating it later:

app.UseAuthentication();
app.UseAuthorization();

It requires you to authenticate to sent X-APIKEY header along with your request, with a value equal to the secret key you set in options, or the request will fail with 401 Unauthorized HTTP error.

curl -X GET \
	'http://localhost:5231/WeatherForecast' \
	-H 'X-APIKEY': 'my-secret-api-key'
var client = new RestClient();
client.BaseUrl = new Uri("http://localhost:5231/WeatherForecast");
var request = new RestRequest(RestSharp.Method.GET);
request.AddHeader("X-APIKEY", "my-secret-api-key");
var response = client.Execute(request);

Of course, you have to ensure your controller or actions are expecting user to be authenticated, for example you can use [Authorize].

Product Versions
.NET net7.0 net7.0-android net7.0-ios net7.0-maccatalyst net7.0-macos net7.0-tvos net7.0-windows
Compatible target framework(s)
Additional computed target framework(s)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last updated
7.0.0 593 11/12/2022
6.0.0 10,100 11/18/2021
5.0.0 12,994 11/10/2020
5.0.0-preview.4 260 5/20/2020
5.0.0-preview.3 248 5/20/2020
3.1.9 1,350 10/14/2020
3.1.8 451 9/12/2020
3.1.6 668 7/23/2020
3.1.4 415 5/20/2020
3.1.4-pre 261 5/13/2020
3.1.3 449 4/10/2020
3.1.3-preview 291 4/8/2020
3.1.0 421 4/8/2020
3.0.0 401 4/8/2020
3.0.0-preview 336 9/23/2019
2.2.0 443 8/16/2019
2.1.0-pre 478 12/16/2018