Skip to main content

Authenticate using API keys

You can authenticate incoming Quorum Key Manager (QKM) requests using API keys.

Specify an API key file with the --auth-api-key-file command line option when starting QKM.


Starting Quorum Key Manager with API key authentication

key-manager run --auth-api-key-file=api_key_file.csv --manifest-path=/config/default.yml

API key file

The API key file is a CSV file with four columns:

Each CSV line must be a unique API key and all API keys must be in UUID V4 format.

Example API key file

To extract an API key, QKM uses the standard HTTP basic authentication scheme with a blank username and the API key as the password:

Authorization: Basic <base64({apiKey})>

If a user passes an API key that's in the CSV file, user information from the corresponding line in the CSV file is attached to the request.