API Key Authorization
Summary
The API Key feature provides an SAP BTP Cloud Foundry Administrator or Developer the ability to authorize API requests at the cloud layer. Configuring this feature causes the Connect application to authorize all incoming requests have a corresponding X-API-KEY
header value to the enosix__ApiKey
configuration.
Configuration Example
Securing a deployed Connect application using an API key is done by setting a User-Provided Variable with a key of enosix__ApiKey
(note the double underscores), and a generated opaque token value. After configuring the User-Provided Variable, the application will need to be restarted.
Usage
When the application has been restarted, the newly required X-API-KEY
header will be visible in the Open API Specification and the Swagger UI. Requests to these endpoints will be rejected with a 401 Unauthorized if the value of this header does not match the value of the User-Provided Variable.