How to use a custom API Key in Elsa

Craig Boucher Elsa 3 January 31, 2025

When using default authentication and UseAdminApiKey with the following startup code in Elsa, it defaults to an empty GUID.

elsa.UseDefaultAuthentication(auth => auth.UseAdminApiKey());

So how do you use your own custom API key? Start by creating a class that implements the AspNetCore.Authentication.ApiKey.IApiKeyProvider interface. Here is an example class that gets a key from appsettings.json.

using AspNetCore.Authentication.ApiKey;
using Elsa.Identity.Models;
using System.Security.Claims;

namespace ElsaServer.Extensions;

public class AppSettingsApiKeyProvider : IApiKeyProvider
{
    private string? defaultApiKey;

    public AppSettingsApiKeyProvider(IConfiguration configuration)
    {
        defaultApiKey = configuration["ApiKey"];
    }

    public Task<IApiKey?> ProvideAsync(string key)
    {
        if (key != defaultApiKey)
            return Task.FromResult<IApiKey?>(null);
        var claims = new List<Claim> { new("permissions", "*") };
        var apiKey = new ApiKey(key, "admin", claims);
        return Task.FromResult<IApiKey>(apiKey)!;
    }
}

Then specify your new class in UseDefaultAuthentication like…

elsa.UseDefaultAuthentication(auth => auth.UseApiKeyAuthorization<AppSettingsApiKeyProvider>());

Don’t forget to add an ApiKey setting to your appsettings.json.

How to use a custom API Key in Elsa

About: Craig Boucher