from Hacker News

Implementing Public/Private key encryption for authenticating your API

by ndimares on 2/16/23, 5:50 PM with 1 comments

by ndimares on 2/16/23, 5:50 PM
Hi all! we wrote this post a couple weeks ago. The TL;DR is that we recently built an API Key authorization flow that can integrate into any API provider's Gateway and makes it trivially easy for them to provide their users self-service API key management: https://speakeasyapi.dev/docs/product-reference/speakeasy-pl...
To get that working we first evaluated every commonly-used auth method before deciding on a fairly unique approach, Signed Tokens as API Keys, but with 1 Signing Key Per API key.
Happy to answer any questions people have about this novel approach, or anything API auth related. If anyone wants to try out the tool here's the sign up for the waitlist: https://speakeasyapi.dev/request-access/