Using The API Keys Filter

The APIKey Filter validates API Keys present in HTTP headers. The list of authorized API Keys is defined directly in a Secret. If an incoming request does not have the header specified by the APIKey Filter or it does not contain one of the key values configured by the Filter then the request is denied.

See the API Key Filter API reference for an overview of all the supported fields.

APIKey Filter Quickstart

Come up with an API Key value to use. For this example, we're going to use the string example-apikey-value
Convert the API Key value to base64.
You can do this however you prefer, such as with an online tool like base64encode.org or with the terminal:
Create an APIKey Filter with the encoded API Key from above:
If you want to create more APIKeys, you can continue to add them to your secret. The keys (key-1 in the example) used in the Secret do not matter, so you can name them whatever helps you keep track of the associated API Keys.
Create a FilterPolicy resource to use the Filter created above
Send a request with the APIKey header
The request was denied because the header was not found, but it will also be denied if you send the correct header with an invalid API Key.
Send a request with the APIKey header and value.
Success! Your requests are now validated against an APIKey Filter and will be denied if they do not supply a valid API key!

.css-1e2dcm1{z-index:1500;pointer-events:none;}.css-okvapm{z-index:1500;pointer-events:none;}Using The API Keys Filter

.css-1e2dcm1{z-index:1500;pointer-events:none;}.css-okvapm{z-index:1500;pointer-events:none;}APIKey Filter Quickstart

Using The API Keys Filter

APIKey Filter Quickstart