API key creation, validation & developer platform integration
Project description
apikee · Python
API key plugin for Python — FastAPI, Flask, and Starlette.
Install
pip install apikee # local mode, zero deps
pip install "apikee[fastapi]" # + FastAPI middleware
pip install "apikee[server]" # + encrypted server channel
pip install "apikee[all]" # everything
pip install --pre apikee # latest beta pre-release
Configure
export APIKEE_SECRET=$(openssl rand -hex 32)
# Optional server mode — point to your self-hosted Apikee instance
export APIKEE_BASE_URL=https://apikee.example.com/api/v1
export APIKEE_SERVER_KEY=sk_...
export APIKEE_PROJECT_ENV=my-api-production
FastAPI
from apikee.fastapi import SecuredFastAPI, ApikeeDepends, require_scope
from apikee import ApikeeClaims
from fastapi import Depends
app = SecuredFastAPI() # reads APIKEE_SECRET — done
@app.post("/keys") # public endpoint — issue keys to customers
def create_key(tenant: str, scopes: str = "read,write"):
key = app.apikee.create(tenant, scopes=scopes.split(","))
return {"key": key} # store it — returned once
@app.get("/data")
def get_data(claims: ApikeeClaims = ApikeeDepends()):
return {"tenant": claims.tenant, "scopes": claims.scopes}
@app.delete("/admin", dependencies=[Depends(require_scope("admin"))])
def admin_action(): ...
Open /docs — every endpoint shows the 🔒 lock. Click Authorize, paste a key.
Flask
from flask import Flask
from apikee.flask import init_apikee, apikee_required, require_scope, get_claims
app = Flask(__name__)
init_apikee(app) # reads APIKEE_SECRET — done
@app.get("/data")
@apikee_required
def data():
return {"tenant": get_claims().tenant}
@app.delete("/admin")
@require_scope("admin")
def admin(): ...
Any ASGI
from apikee import Apikee
apikee = Apikee()
app.add_middleware(apikee.middleware) # claims at request.state.apikee
# Or inline, no middleware:
claims = apikee.protect(request.headers.get("x-api-key"))
Key rotation (zero downtime)
export APIKEE_SECRET=new-secret # new keys signed with this
# Old keys still validate during the rotation window — pass both to Apikee():
apikee = Apikee(secrets=["new-secret", "old-secret"])
Environment Variables (.env)
Python frameworks (FastAPI, Flask, Starlette/ASGI) use the same variables.
Required:
APIKEE_SECRET=replace-with-strong-random-secret
Optional (server mode — requires a running Apikee instance):
APIKEE_BASE_URL=https://apikee.example.com/api/v1
APIKEE_SERVER_KEY=sk_...
APIKEE_PROJECT_ENV=my-api-production
APIKEE_SERVER_PUBLIC_KEY=base64-x25519-public-key # enables payload encryption
APIKEE_PRIVATE_KEY="-----BEGIN PRIVATE KEY-----..." # enables RSA request signing
Project structure
apikee/ Library source — core + framework modules (FastAPI, Flask, server)
tests/ Test suite
examples/ Example apps (FastAPI, Flask, Starlette)
Contributing
See CONTRIBUTING.md for local setup, branch naming conventions, and the release process.
License
Docs
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file apikee-0.1.2b0.tar.gz.
File metadata
- Download URL: apikee-0.1.2b0.tar.gz
- Upload date:
- Size: 24.2 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
3cb398e70aac2c499d5f362230e60dd3dc2fa6a85f4adcf12a357a961260ff1d
|
|
| MD5 |
926b887f0c9a1c66b1e33a08ba889df6
|
|
| BLAKE2b-256 |
33e249dfeb9e6e7058e5e5ab2516192c16d292f46d83ac27a22e3fba0a1b423a
|
Provenance
The following attestation bundles were made for apikee-0.1.2b0.tar.gz:
Publisher:
release.yml on apikee-dev/python
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
apikee-0.1.2b0.tar.gz -
Subject digest:
3cb398e70aac2c499d5f362230e60dd3dc2fa6a85f4adcf12a357a961260ff1d - Sigstore transparency entry: 1984403450
- Sigstore integration time:
-
Permalink:
apikee-dev/python@93a863746ff5327d4af0a5db80affc4f268f3dd0 -
Branch / Tag:
refs/heads/dev - Owner: https://github.com/apikee-dev
-
Access:
private
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
release.yml@93a863746ff5327d4af0a5db80affc4f268f3dd0 -
Trigger Event:
push
-
Statement type:
File details
Details for the file apikee-0.1.2b0-py3-none-any.whl.
File metadata
- Download URL: apikee-0.1.2b0-py3-none-any.whl
- Upload date:
- Size: 18.8 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
cd29d8b14e0b592c3182ee61c853779b5d93cd584d902d48aae33763aa4bf0f8
|
|
| MD5 |
167ad536196a22b802c9d7d1190847b6
|
|
| BLAKE2b-256 |
c2d2d747117307ea1015c6eb6b4c7906a7b7546e803f0ab6c4c637bb2e9ff551
|
Provenance
The following attestation bundles were made for apikee-0.1.2b0-py3-none-any.whl:
Publisher:
release.yml on apikee-dev/python
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
apikee-0.1.2b0-py3-none-any.whl -
Subject digest:
cd29d8b14e0b592c3182ee61c853779b5d93cd584d902d48aae33763aa4bf0f8 - Sigstore transparency entry: 1984403508
- Sigstore integration time:
-
Permalink:
apikee-dev/python@93a863746ff5327d4af0a5db80affc4f268f3dd0 -
Branch / Tag:
refs/heads/dev - Owner: https://github.com/apikee-dev
-
Access:
private
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
release.yml@93a863746ff5327d4af0a5db80affc4f268f3dd0 -
Trigger Event:
push
-
Statement type: