API Key
Validate requests using an API key header (fixed value, script, or inline C#/VB code).
Full source
File: pwsh/tutorial/examples/8.3-Api-Key.ps1
<#
Sample: API Key Authentication Variants
Purpose: Demonstrates fixed key, PowerShell script, and inline C# validation for API key auth.
File: 8.3-Api-Key.ps1
Notes: Keys are static for illustration. Rotate & store securely in production.
#>
param(
[int]$Port = 5000,
[IPAddress]$IPAddress = [IPAddress]::Loopback
)
# 1. Logging
New-KrLogger | Add-KrSinkConsole | Register-KrLogger -Name 'console' -SetAsDefault | Out-Null
# 2. Server
New-KrServer -Name 'Auth API Key'
# 3. Listener
Add-KrEndpoint -Port $Port -IPAddress $IPAddress
# 5. Fixed key scheme
Add-KrApiKeyAuthentication -Name 'ApiKeySimple' -AllowInsecureHttp -HeaderName 'X-Api-Key' -ExpectedKey 'my-secret-api-key'
# 6. Script-based validation
Add-KrApiKeyAuthentication -Name 'ApiKeyPS' -AllowInsecureHttp -HeaderName 'X-Api-Key' -ScriptBlock { param($ProvidedKey) $ProvidedKey -eq 'my-secret-api-key' }
# 7. C# code validation
Add-KrApiKeyAuthentication -Name 'ApiKeyCS' -AllowInsecureHttp -HeaderName 'X-Api-Key' -Code @'
return providedKey == "my-secret-api-key";
'@
# 8. Finalize configuration
Enable-KrConfiguration
# 9. Group routes by scheme variant
Add-KrRouteGroup -Prefix '/secure/key' {
Add-KrMapRoute -Verbs Get -Pattern '/simple/hello' -AuthorizationSchema 'ApiKeySimple' -ScriptBlock { Write-KrTextResponse 'Simple Key OK' }
Add-KrMapRoute -Verbs Get -Pattern '/ps/hello' -AuthorizationSchema 'ApiKeyPS' -ScriptBlock { Write-KrTextResponse 'PS Key OK' }
Add-KrMapRoute -Verbs Get -Pattern '/cs/hello' -AuthorizationSchema 'ApiKeyCS' -ScriptBlock { Write-KrTextResponse 'CS Key OK' }
}
# 10. Start server
Start-KrServer -CloseLogsOnExit
Step-by-step
- Create server & listener.
- Register three key schemes: simple fixed, script validation, C# code.
- Enable configuration.
- Map routes for each scheme.
- Start server.
Try it
$h = @{ 'X-Api-Key' = 'my-secret-api-key' }
Invoke-WebRequest http://127.0.0.1:5000/secure/key/simple/hello -Headers $h | Select -Expand Content
Invoke-WebRequest http://127.0.0.1:5000/secure/key/ps/hello -Headers $h | Select -Expand Content
Invoke-WebRequest http://127.0.0.1:5000/secure/key/cs/hello -Headers $h | Select -Expand Content
References
- Add-KrApiKeyAuthentication
- Add-KrMapRoute
- Add-KrRouteGroup
- New-KrServer
- Add-KrEndpoint
- Enable-KrConfiguration
- Start-KrServer
Troubleshooting
| Symptom | Cause | Fix |
|---|---|---|
| 401 Unauthorized | Missing / wrong key | Provide correct X-Api-Key value |
| Works for simple only | Script/code scheme mismatch | Ensure header name & scheme used |
Previous / Next
- Previous: Basic (C# / VB.NET)
- Next: JWT Tokens