API Key Authentication

Use apiKey(...) when you want a simple shared-secret header on HTTP requests.

Basic example

import { apiKey, Redop } from "@redopjs/redop";

new Redop({ serverInfo: { name: "auth-demo" } })
  .use(
    apiKey({
      key: process.env.API_SECRET ?? "dev-secret",
    }),
  )
  .tool("ping", {
    handler: () => ({ ok: true }),
  });

Clients send:

x-api-key: dev-secret

Multiple valid keys

new Redop({ serverInfo: { name: "auth-demo" } }).use(
  apiKey({
    keys: ["dev-key-1", "dev-key-2"],
  }),
);

Custom validation

new Redop({ serverInfo: { name: "auth-demo" } }).use(
  apiKey({
    validateKey: async (value) => value.startsWith("sk-"),
  }),
);

Advanced

Use contextKey only if you want the validated key stored somewhere other than ctx.apiKey.

​Basic example

​Multiple valid keys

​Custom validation

​Advanced

​See also

Basic example

Multiple valid keys

Custom validation

Advanced

See also