Microsoft.Owin.Security.ApiKey 1.1.1

Middleware for your Owin pipeline that allows an application to perform authentication of requests via an API key in the Authorization header.

Install-Package Microsoft.Owin.Security.ApiKey -Version 1.1.1
dotnet add package Microsoft.Owin.Security.ApiKey --version 1.1.1
<PackageReference Include="Microsoft.Owin.Security.ApiKey" Version="1.1.1" />
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add Microsoft.Owin.Security.ApiKey --version 1.1.1
The NuGet Team does not provide support for this client. Please contact its maintainers for support.

Microsoft.Owin.Security.ApiKey Build status

Lets an OWIN-enabled application use API keys for authentication.

Getting started

Grab the package from NuGet, which will install all dependencies.

Install-Package Microsoft.Owin.Security.ApiKey

Usage

Extension methods for IAppBuilder will enable the middleware. Your custom delegates can be passed to ApiKeyAuthenticationProvider; at a minimum, you must implement OnValidateIdentity to validate the incoming API keys.
OnGenerateClaims is optional; the middleware will always construct an identity with a claim denoting the authentication type, but you have the option of fleshing out the identity with further custom claims if you wish.

public void Configuration(IAppBuilder app)
{
    app.UseApiKeyAuthentication(new ApiKeyAuthenticationOptions()
    {
        Provider = new ApiKeyAuthenticationProvider()
        {
            OnValidateIdentity = ValidateIdentity,
            OnGenerateClaims = GenerateClaims
        }
    });
}

private async Task ValidateIdentity(ApiKeyValidateIdentityContext context)
{
    if (context.ApiKey == "123")
    {
        context.Validate();
    }
}

private async Task<IEnumerable<Claim>> GenerateClaims(ApiKeyGenerateClaimsContext context)
{
    return new[] { new Claim(ClaimTypes.Name, "Fred") };
}

Custom Status Codes

If you do not validate the context when validating the incoming identity then the middleware will default to an HTTP status code of 401. If you wish to return a different status code (e.g. a client's subscription has expired) then you can set a custom status code in the validation context:

private async Task ValidateIdentity(ApiKeyValidateIdentityContext context)
{
    if (context.ApiKey == "123")
    {
        context.Validate();
    }
    
    if (subscription.IsExpired)
    {
        context.StatusCode = 402;
    }
}

Microsoft.Owin.Security.ApiKey Build status

Lets an OWIN-enabled application use API keys for authentication.

Getting started

Grab the package from NuGet, which will install all dependencies.

Install-Package Microsoft.Owin.Security.ApiKey

Usage

Extension methods for IAppBuilder will enable the middleware. Your custom delegates can be passed to ApiKeyAuthenticationProvider; at a minimum, you must implement OnValidateIdentity to validate the incoming API keys.
OnGenerateClaims is optional; the middleware will always construct an identity with a claim denoting the authentication type, but you have the option of fleshing out the identity with further custom claims if you wish.

public void Configuration(IAppBuilder app)
{
    app.UseApiKeyAuthentication(new ApiKeyAuthenticationOptions()
    {
        Provider = new ApiKeyAuthenticationProvider()
        {
            OnValidateIdentity = ValidateIdentity,
            OnGenerateClaims = GenerateClaims
        }
    });
}

private async Task ValidateIdentity(ApiKeyValidateIdentityContext context)
{
    if (context.ApiKey == "123")
    {
        context.Validate();
    }
}

private async Task<IEnumerable<Claim>> GenerateClaims(ApiKeyGenerateClaimsContext context)
{
    return new[] { new Claim(ClaimTypes.Name, "Fred") };
}

Custom Status Codes

If you do not validate the context when validating the incoming identity then the middleware will default to an HTTP status code of 401. If you wish to return a different status code (e.g. a client's subscription has expired) then you can set a custom status code in the validation context:

private async Task ValidateIdentity(ApiKeyValidateIdentityContext context)
{
    if (context.ApiKey == "123")
    {
        context.Validate();
    }
    
    if (subscription.IsExpired)
    {
        context.StatusCode = 402;
    }
}

Version History

Version Downloads Last updated
1.1.1 12,534 12/12/2017
1.1.0 288 12/11/2017
1.0.2 7,659 12/14/2016