Web API creating API keys

c# asp.net-web-api api-key

You are able to achieve by using HMAC Authentication. Basically, there might be a database table called ApiKey (apiKey, secretKey). Each client has each Apikey and secret Key:

  1. ApiKey is like a public key and will be sent over HTTP (similar with username).

  2. Secret Key is not sent over HTTP, use this secret key to do hmac some information and send hashed output to the server. From server side, based on the public key, you can get the relevent secret key and hash information to compare with hash output.

I have posted the detailed answer at: How to secure an ASP.NET Web API

You can change Username by ApiKey and Hashed Password by secret key on my answer to map with your idea.

Related

What is the difference between ValidatesOnNotifyDataErrors and ValidatesOnDataErrors and NotifyOnValidationError in WPF validation?
Camera position in world coordinate from cv::solvePnP
What is the JSON indentation level convention? [closed]
\text does not work in a matplotlib label
Understanding the simplest LLVM IR
Is python += string concatenation bad practice?
How to declare a type globally in a project (typescript)
Refresh and fetch an entity after save (JPA/Spring Data/Hibernate)
The 'CascadePackage' package did not load correctly
How to magnify in Chrome without scaling the page?
Outlook needs password
Customizing/Modifying the Bootscreen Animation