Cannot authenticate with API key

[rulzart]

Hi,

I am having issues with authenticating with Api-Key through Postman (on localhost).

It throws the error "authentication credentials were not provided."

Am I missing something? If I try with Basic authentication, then it works just fine.

[florimondmanca]

Hey,

You might need to check how you’re passing the API key exactly.

Do you have a snippet of the HTTP header that’s being sent to the server?

Normally the format would be:

Authorization: Api-Key […]

https://florimondmanca.github.io/djangorestframework-api-key/guide/#making-authorized-requests

[rulzart]

I have tried both so it looks like this:
curl --location --request POST 'http://127.0.0.1:8000/subscriptions/check-subscription/'
--header 'Authorization: Api-Key '
--data ''

and this:
curl --location --request POST 'http://127.0.0.1:8000/subscriptions/check-subscription/'
--header 'Api-Key: '
--data ''

No luck either way

[florimondmanca]

OK, if you've got the default setup, I'd expect the first usage to work.

So, let me ask for a few things...

• Which version of Python, DRF, and DRF-api-key do you use?
• Depending on how you've set up permissions, what do your global DEFAULT_PERMISSION_CLASSES or per-view permission_classes look like?
• Do you use any customized settings, such as API_KEY_CUSTOM_HEADER?
• Do you use any other customization (custom API key models, permission classes, other?)
• Ideally, do you have a minimal reproduction repo or list of steps to reproduce?

[rulzart]

Ok, I am so sorry, I seem to have found the error... I spent like 2 hours yesterday trying to get it to work, and it drove me crazy :D

Next thing is, that it now needs the correct API key, since I'm using the AbstractAPIKey class. But when I try to create one in the admin portal it gives me the following error:
NoReverseMatch at /admin/applications/applicationapikey/add/
Reverse for 'applications_applicationapikey_change' with arguments '('',)' not found. 1 pattern(s) tried: ['admin/applications/applicationapikey/(?P<object_id>.+)/change/\Z']

It works fine when I create a normal API key

[florimondmanca]

I'd reiterate my questions on the customizations you've got — without a description of those it's hard to help you out much here.

For example, from the error message, it looks like you might have a different custom admin than what's expected with a default setup. Sharing the code for how you register the admin for the custom API key would be useful.

I would recommend following the customization documentation as closely as possible, at least to get the basics working. I reckon that part of the package isn't so easy to get right.