Auth API Key
User-scoped API key CRUD and verification methods.
Endpoints and Methods
auth.apiKey.create()->POST /api-key/createauth.apiKey.get()->GET /api-key/getauth.apiKey.update()->POST /api-key/updateauth.apiKey.delete()->POST /api-key/deleteauth.apiKey.list()->GET /api-key/listauth.apiKey.verify()->POST /api-key/verifyauth.apiKey.deleteAllExpired()->POST /api-key/delete-all-expired-api-keys
Examples
ATHENA_AUTH_BASE_URL="http://localhost:3001/api/auth"
ATHENA_AUTH_TOKEN="<bearer-token>"
# Adjust payload fields using the OpenAPI schema in this page.
# auth.apiKey.create() -> POST /api-key/create
curl -X POST "$ATHENA_AUTH_BASE_URL/api-key/create" \
-H "content-type: application/json" \
-H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
-d '{"...":"See OpenAPI requestBody schema"}'
# auth.apiKey.get() -> GET /api-key/get
curl -X GET "$ATHENA_AUTH_BASE_URL/api-key/get" \
-H "authorization: Bearer $ATHENA_AUTH_TOKEN"
# auth.apiKey.update() -> POST /api-key/update
curl -X POST "$ATHENA_AUTH_BASE_URL/api-key/update" \
-H "content-type: application/json" \
-H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
-d '{"...":"See OpenAPI requestBody schema"}'
# auth.apiKey.delete() -> POST /api-key/delete
curl -X POST "$ATHENA_AUTH_BASE_URL/api-key/delete" \
-H "content-type: application/json" \
-H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
-d '{"...":"See OpenAPI requestBody schema"}'
# auth.apiKey.list() -> GET /api-key/list
curl -X GET "$ATHENA_AUTH_BASE_URL/api-key/list" \
-H "authorization: Bearer $ATHENA_AUTH_TOKEN"
# auth.apiKey.verify() -> POST /api-key/verify
curl -X POST "$ATHENA_AUTH_BASE_URL/api-key/verify" \
-H "content-type: application/json" \
-H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
-d '{"...":"See OpenAPI requestBody schema"}'
# auth.apiKey.deleteAllExpired() -> POST /api-key/delete-all-expired-api-keys
curl -X POST "$ATHENA_AUTH_BASE_URL/api-key/delete-all-expired-api-keys" \
-H "content-type: application/json" \
-H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
-d '{"...":"See OpenAPI requestBody schema"}'use reqwest::Client;
use serde_json::json;
let base_url = "http://localhost:3001/api/auth";
let token = "<bearer-token>";
let http = Client::new();
// Adjust payload fields using the OpenAPI schema in this page.
// auth.apiKey.create() -> POST /api-key/create
let response = http
.post(format!("{base_url}/api-key/create"))
.bearer_auth(token)
.json(&json!({
"...": "See OpenAPI requestBody schema"
}))
.send()
.await?;
let _ = response.error_for_status()?;
// auth.apiKey.get() -> GET /api-key/get
let response = http
.get(format!("{base_url}/api-key/get"))
.bearer_auth(token)
.send()
.await?;
let _ = response.error_for_status()?;
// auth.apiKey.update() -> POST /api-key/update
let response = http
.post(format!("{base_url}/api-key/update"))
.bearer_auth(token)
.json(&json!({
"...": "See OpenAPI requestBody schema"
}))
.send()
.await?;
let _ = response.error_for_status()?;
// auth.apiKey.delete() -> POST /api-key/delete
let response = http
.post(format!("{base_url}/api-key/delete"))
.bearer_auth(token)
.json(&json!({
"...": "See OpenAPI requestBody schema"
}))
.send()
.await?;
let _ = response.error_for_status()?;
// auth.apiKey.list() -> GET /api-key/list
let response = http
.get(format!("{base_url}/api-key/list"))
.bearer_auth(token)
.send()
.await?;
let _ = response.error_for_status()?;
// auth.apiKey.verify() -> POST /api-key/verify
let response = http
.post(format!("{base_url}/api-key/verify"))
.bearer_auth(token)
.json(&json!({
"...": "See OpenAPI requestBody schema"
}))
.send()
.await?;
let _ = response.error_for_status()?;
// auth.apiKey.deleteAllExpired() -> POST /api-key/delete-all-expired-api-keys
let response = http
.post(format!("{base_url}/api-key/delete-all-expired-api-keys"))
.bearer_auth(token)
.json(&json!({
"...": "See OpenAPI requestBody schema"
}))
.send()
.await?;
let _ = response.error_for_status()?;import { client } from "./auth-client"
await client.auth.apiKey.create({
name: "mobile-client-key",
expiresIn: "3600",
remaining: "1000",
})
await client.auth.apiKey.get({
query: { id: "api_key_id" },
})
await client.auth.apiKey.update({
keyId: "api_key_id",
name: "mobile-client-key-updated",
expiresIn: "3600",
permissions: "{}",
})
await client.auth.apiKey.delete({ keyId: "api_key_id" })
await client.auth.apiKey.list()
await client.auth.apiKey.verify({
key: "prefix.secret",
})
await client.auth.apiKey.deleteAllExpired()OpenAPI Contract
Authorization
bearerAuth Bearer token authentication
In: header
Request Body
application/json
Name of the Api Key
Expiration time of the Api Key in seconds
User Id of the user that the Api Key belongs to. Useful for server-side only.
Prefix of the Api Key
Remaining number of requests. Server side only
Metadata of the Api Key
Amount to refill the remaining count of the Api Key. Server Only Property
Interval to refill the Api Key in milliseconds. Server Only Property.
The duration in milliseconds where each request is counted. Once the maxRequests is reached, the request will be rejected until the timeWindow has passed, at which point the timeWindow will be reset. Server Only Property.
Maximum amount of requests allowed within a window. Once the maxRequests is reached, the request will be rejected until the timeWindow has passed, at which point the timeWindow will be reset. Server Only Property.
Whether the key has rate limiting enabled. Server Only Property.
Response Body
application/json
application/json
application/json
application/json
application/json
application/json
application/json
curl -X POST "http://localhost:3001/api/auth/api-key/create" \ -H "Content-Type: application/json" \ -d '{ "expiresIn": "string", "remaining": "string" }'{
"id": "string",
"createdAt": "2019-08-24T14:15:22Z",
"updatedAt": "2019-08-24T14:15:22Z",
"name": "string",
"prefix": "string",
"start": "string",
"key": "string",
"enabled": true,
"expiresAt": "2019-08-24T14:15:22Z",
"userId": "string",
"lastRefillAt": "2019-08-24T14:15:22Z",
"lastRequest": "2019-08-24T14:15:22Z",
"metadata": {},
"rateLimitMax": 0,
"rateLimitTimeWindow": 0,
"remaining": 0,
"refillAmount": 0,
"refillInterval": 0,
"rateLimitEnabled": true,
"requestCount": 0,
"permissions": {
"property1": [
"string"
],
"property2": [
"string"
]
}
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}Authorization
bearerAuth Bearer token authentication
In: header
Query Parameters
The id of the Api Key
Response Body
application/json
application/json
application/json
application/json
application/json
application/json
application/json
curl -X GET "http://localhost:3001/api/auth/api-key/get"{
"id": "string",
"name": "string",
"start": "string",
"prefix": "string",
"userId": "string",
"refillInterval": 0,
"refillAmount": 0,
"lastRefillAt": "2019-08-24T14:15:22Z",
"enabled": true,
"rateLimitEnabled": true,
"rateLimitTimeWindow": 0,
"rateLimitMax": 0,
"requestCount": 0,
"remaining": 0,
"lastRequest": "2019-08-24T14:15:22Z",
"expiresAt": "2019-08-24T14:15:22Z",
"createdAt": "2019-08-24T14:15:22Z",
"updatedAt": "2019-08-24T14:15:22Z",
"metadata": {},
"permissions": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}Authorization
bearerAuth Bearer token authentication
In: header
Request Body
application/json
The id of the Api Key
The name of the key
Whether the Api Key is enabled or not
The number of remaining requests
The refill amount
The refill interval
The metadata of the Api Key
Expiration time of the Api Key in seconds
Whether the key has rate limiting enabled.
The duration in milliseconds where each request is counted.
Maximum amount of requests allowed within a window. Once the maxRequests is reached, the request will be rejected until the timeWindow has passed, at which point the timeWindow will be reset.
Response Body
application/json
application/json
application/json
application/json
application/json
application/json
application/json
curl -X POST "http://localhost:3001/api/auth/api-key/update" \ -H "Content-Type: application/json" \ -d '{ "keyId": "string", "expiresIn": "string", "permissions": "string" }'{
"id": "string",
"name": "string",
"start": "string",
"prefix": "string",
"userId": "string",
"refillInterval": 0,
"refillAmount": 0,
"lastRefillAt": "2019-08-24T14:15:22Z",
"enabled": true,
"rateLimitEnabled": true,
"rateLimitTimeWindow": 0,
"rateLimitMax": 0,
"requestCount": 0,
"remaining": 0,
"lastRequest": "2019-08-24T14:15:22Z",
"expiresAt": "2019-08-24T14:15:22Z",
"createdAt": "2019-08-24T14:15:22Z",
"updatedAt": "2019-08-24T14:15:22Z",
"metadata": {},
"permissions": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}Authorization
bearerAuth Bearer token authentication
In: header
Request Body
application/json
The id of the API key to delete
Response Body
application/json
application/json
application/json
application/json
application/json
application/json
application/json
curl -X POST "http://localhost:3001/api/auth/api-key/delete" \ -H "Content-Type: application/json" \ -d '{ "keyId": "string" }'{
"success": true
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}Authorization
bearerAuth Bearer token authentication
In: header
Response Body
application/json
application/json
application/json
application/json
application/json
application/json
application/json
curl -X GET "http://localhost:3001/api/auth/api-key/list"[
{
"id": "string",
"name": "string",
"start": "string",
"prefix": "string",
"userId": "string",
"refillInterval": 0,
"refillAmount": 0,
"lastRefillAt": "2019-08-24T14:15:22Z",
"enabled": true,
"rateLimitEnabled": true,
"rateLimitTimeWindow": 0,
"rateLimitMax": 0,
"requestCount": 0,
"remaining": 0,
"lastRequest": "2019-08-24T14:15:22Z",
"expiresAt": "2019-08-24T14:15:22Z",
"createdAt": "2019-08-24T14:15:22Z",
"updatedAt": "2019-08-24T14:15:22Z",
"metadata": {},
"permissions": "string"
}
]{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}Authorization
apiKeyCookie bearerAuth API Key authentication via cookie
In: cookie
Bearer token authentication
In: header
Request Body
application/json
Response Body
application/json
curl -X POST "http://localhost:3001/api/auth/api-key/verify" \ -H "Content-Type: application/json" \ -d '{ "key": "string" }'{
"valid": true,
"error": {
"message": "string",
"code": "string"
},
"key": {}
}Authorization
bearerAuth Bearer token authentication
In: header
Response Body
application/json
curl -X POST "http://localhost:3001/api/auth/api-key/delete-all-expired-api-keys"{
"deleted": 0
}