-
Notifications
You must be signed in to change notification settings - Fork 0
ApiKeyCredential
github-actions edited this page Mar 29, 2026
·
1 revision
Class ApiKeyCredential.
Represents the credential structure for API Key–based authentication. Implementations using this credential MUST treat the API key as an opaque secret. The value MUST NOT be logged, exposed, or transmitted to unauthorized parties, as possession of the key typically grants full authorization to the associated account or resource.
This class SHALL be returned by the
-
See: \FastForward\Http\Message\Header\Authorization\Authorization::ApiKey parser
when the
Authorizationheader contains a valid API key value. The key MAY represent either a static key, a signed token, or any user-defined string depending on the server's authentication strategy.
- Full name:
\FastForward\Http\Message\Header\Authorization\ApiKeyCredential - This class is marked as final and can't be subclassed
- This class implements:
\FastForward\Http\Message\Header\Authorization\AuthorizationCredential - This class is a Final class
public string $keyCreates a new API Key credential instance.
public __construct(string $key): mixedThe provided key MUST be stored exactly as received and MUST NOT be modified or normalized internally. Any validation, expiration checks, or transformation logic MUST be performed by the caller or the authentication subsystem responsible for interpreting API keys.
Parameters:
| Parameter | Type | Description |
|---|---|---|
$key |
string | the raw API key provided by the client |