How to secure spring Boot API with API key and secret

Question

I am trying to secure the Spring boot API end points. I would want to pass only api key and secret as part of the header to call the API. I tried this code posted in this link. but getting access denied while calling the api with Authorization in header. Securing Spring Boot API with API key and secret I would like to know what i should pass as part of the header, so that i can get successful response from the API I did the below steps: I added the below entry in the application.properties

myapp.http.auth-token-header-name=samplekey
myapp.http.auth-token=abc123

And am trying to pass in the header as below Authorization:myapp.http.auth-token-header-name=samplekey,myapp.http.auth-token=abc123

I am having this same issue. Did you find a solution? – rabowlen Jun 13 '20 at 18:04 — rabowlen, Jun 13 '20 at 18:04

score 1 · Answer 1 · answered Jun 11 '20 at 11:28

With the example values you show, you need to provide the header with name "samplekey" and value "abc123".

GET / HTTP/1.1
Host: example.com
samplekey: abc123

Or, if you put this in the configuration:

myapp.http.auth-token-header-name=X-API-KEY
myapp.http.auth-token=abc123

then you will need to provide the header with name "X-API-KEY" and value "abc123".

GET / HTTP/1.1
Host: example.com
X-API-KEY: abc123

How to secure spring Boot API with API key and secret

1 Answers1

Linked