Implement API Keys using Tesseral
This article explains how you can add API Keys to your app using Tesseral.
Sign up for Tesseral
If you haven’t already, sign up for Tesseral at console.tesseral.com and follow the Quickstart Guide.
Enable Managed API Keys
Go to the Authentication page in the Tesseral Console and click on “Configure Managed API Keys”.
Create a Backend API Key
Go to the API Keys page in the Tesseral Console and click on “Create Backend API Key”.
Copy the Backend API Key Secret Token. You will need it in the next step.
Enable API Keys in your backend code
In your backend code, configure an environment variable called TESSERAL_BACKEND_API_KEY. Set its value to the Backend API Key Secret Token you copied in the previous step.
Next, you’ll need to enable API Key authentication in your backend code.
Express.js
If you haven’t already, follow the Express.js Quickstart Guide.
Enable API Key authentication by passing enableApiKeys to requireAuth.
Enable Managed API Keys for an Organization
By default, Organizations don’t have Managed API Keys enabled. You must enable API Keys for an Organization in the Tesseral Console. (This is in service of letting you charge your customers for API access.)
To enable Managed API Keys for your customer, go to the Organizations page in the Tesseral Console. Go to the Organization’s API Keys tab, and enable Managed API Keys.
You will need to repeat this process for each Organization you want to enable Managed API Keys for. You can use the UpdateOrganization endpoint in the Tesseral Backend API to automate this process.
(Optional) Create a Managed API Key
Once you have enabled Managed API Keys for your Project and in your backend code, you can create API Keys, and your backend will accept requests authenticated with them.
Your customers can create API Keys, or you can create them yourself from the Tesseral Console.
To create an API Key on your customers’ behalf, go to the Organizations page in the Tesseral Console. Under the Organization’s API Keys tab, click “Create API Key”.
From here, you can send an HTTP request to your backend code with the API Key you just created. Include your newly created API Key’s secret token as the value of the Authorization: Bearer header. For example, if your new API Key secret token is acme_sk_1234567890, you can send an HTTP request with the following header:
Authorization: Bearer acme_sk_1234567890
The capitalization of the word “Bearer” is important.
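The following is an added example, not code from Tesseral or its SDKs: a small client-side check that builds the Authorization header value and diagnoses the mistakes that most often cause a rejected API Key request, including the lowercase "bearer" case noted above. The function names are hypothetical, and the checks other than capitalization are general header hygiene rather than documented Tesseral behaviour.

```javascript
// Hypothetical helpers for illustration; not part of any Tesseral SDK.

// Build the Authorization header value for an API Key secret token.
function buildAuthHeader(secretToken) {
  if (typeof secretToken !== "string" || secretToken.length === 0) {
    throw new Error("API Key secret token is missing");
  }
  // Whitespace or control characters would corrupt the header, and CR/LF
  // would allow header injection if the token came from untrusted input.
  if (/[\s\x00-\x1f\x7f]/.test(secretToken)) {
    throw new Error("API Key secret token contains whitespace or control characters");
  }
  return `Bearer ${secretToken}`;
}

// Explain why a header value is not exactly "Bearer <token>".
// Returns "ok" or a short diagnosis; the token itself is never echoed,
// so the result is safe to write to logs.
function diagnoseAuthHeader(value) {
  if (typeof value !== "string" || value.trim() === "") return "header missing or empty";
  if (value !== value.trim()) return "leading or trailing whitespace";
  const space = value.indexOf(" ");
  if (space === -1) {
    return value === "Bearer" ? "no token after scheme" : "no 'Bearer ' prefix";
  }
  const scheme = value.slice(0, space);
  const token = value.slice(space + 1);
  if (scheme !== "Bearer") {
    return scheme.toLowerCase() === "bearer"
      ? "scheme must be capitalized exactly as 'Bearer'"
      : "unexpected scheme";
  }
  if (/\s/.test(token)) return "token contains whitespace";
  if (/^["'].*["']$/.test(token)) return "token is wrapped in quotes";
  return "ok";
}

// Constructed inputs, using the sample token from the text above.
const sample = "acme_sk_1234567890";
const attempts = [buildAuthHeader(sample), `bearer ${sample}`, sample, `Bearer "${sample}"`];
for (const value of attempts) {
  console.log(diagnoseAuthHeader(value));
}
```

Running the diagnosis in an integration test or a CLI wrapper before the request is sent gives a clear reason for a failure without writing the secret token to logs.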