PHPackages nivekaa/laravel-api-key - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. nivekaa/laravel-api-key ActiveLibrary[Authentication & Authorization](/categories/authentication) nivekaa/laravel-api-key ======================= Authorize requests to your Laravel application with API keys 1.1.3(6y ago)013MITPHPPHP >=5.5.9 Since Nov 4Pushed 6y agoCompare [ Source](https://github.com/nivekalara237/laravel-api-key)[ Packagist](https://packagist.org/packages/nivekaa/laravel-api-key)[ RSS](/packages/nivekaa-laravel-api-key/feed)WikiDiscussions master Synced today READMEChangelogDependenciesVersions (10)Used By (0) Laravel API Key Auth ==================== [](#laravel-api-key-auth) [![Total Downloads](https://camo.githubusercontent.com/570a16499335e218c0295fa8d401a9aaa1487ac602bd3bc35cc299964ed000da/68747470733a2f2f706f7365722e707567782e6f72672f6e6976656b616c6172613233372f6c61726176656c2d6170692d6b65792f642f746f74616c2e737667)](https://packagist.org/packages/nivekalara237/laravel-api-key)[![Latest Stable Version](https://camo.githubusercontent.com/14c3353b231763f74763c000dd30e06cd2f1f01431f6fe6a6df8811ce5606821/68747470733a2f2f706f7365722e707567782e6f72672f6e6976656b616c6172613233372f6c61726176656c2d6170692d6b65792f762f737461626c652e737667)](https://packagist.org/packages/nivekalara237/laravel-api-key)[![License](https://camo.githubusercontent.com/4b35d6d30bf027749a149741e11d70533779f06bb71aaa12faab0cdeb89c5b98/68747470733a2f2f706f7365722e707567782e6f72672f6e6976656b616c6172613233372f6c61726176656c2d6170692d6b65792f6c6963656e73652e737667)](https://packagist.org/packages/nivekalara237/laravel-api-key) The initial core files of this package was cloned from [ejarnutowski/laravel-api-key](https://github.com/ejarnutowski/laravel-api-key) Installation ------------ [](#installation) Run `composer require niveka/laravel-api-key`. In your `config/app.php` file, add the Laravel API Key service provider to the end of the `providers` array. ``` 'providers' => [ ... Nivekaa\LaravelApiKey\Providers\ApiKeyServiceProvider::class, ], ``` Publish the migration files ``` $ php artisan vendor:publish ``` Run the migrations ``` $ php artisan migrate ``` 3 new database tables will be created: - api\_keys - api\_key\_access\_events - api\_key\_admin\_events Managing Keys ------------- [](#managing-keys) Generate a new key using `php artisan apikey:generate {name}`. The name argument is the name of your API key. All new keys are active by default. ``` $ php artisan apikey:generate app1 // API key created // Name: app1 // Key: 0ZdNlr7LrQocaqz74k6usQsOsqhqSIaUarSTf8mxnHuQVh9CvKAfpUy94VvBmFMq ``` Deactivate a key using `php artisan apikey:deactivate {name}`. ``` $ php artisan apikey:deactivate app1 // Deactivated key: app1 ``` Activate a key using `php artisan apikey:activate {name}`. ``` $ php artisan apikey:activate app1 // Activated key: app1 ``` Delete a key. You'll be asked to confirm. Keys are [soft-deleted](https://laravel.com/docs/eloquent#soft-deleting) for record keeping. ``` $ php artisan apikey:delete app1 // Are you sure you want to delete API key 'app1'? (yes/no) [no]: // > yes // Deleted key: app1 ``` List all keys. The -D or --deleted flag includes deleted keys ``` $ php artisan apikey:list -D // +----------+----+-------------+---------------------+------------------------------------------------------------------+ // | Name | ID | Status | Status Date | Key | // +----------+----+-------------+---------------------+------------------------------------------------------------------+ // | app1 | 5 | deleted | 2017-11-03 13:54:51 | 0ZdNlr7LrQocaqz74k6usQsOsqhqSIaUarSTf8mxnHuQVh9CvKAfpUy94VvBmFMq | // | app2 | 1 | deleted | 2017-11-02 22:34:28 | KuKMQbgZPv0PRC6GqCMlDQ7fgdamsVY75FrQvHfoIbw4gBaG5UX0wfk6dugKxrtW | // | app3 | 3 | deactivated | 2017-11-02 23:12:34 | IrDlc7rSCvUzpZpW8jfhWaH235vJAqFwyzVWpoD0SLGzOimA6hcwqMvy4Nz6Hntn | // | app4 | 2 | active | 2017-11-02 22:48:13 | KZEl4Y2HMuL013xvg6Teaa7zHPJhGy1TDhr2zWzlQCqTxqTzyPTcOV6fIQZVTIU3 | // +----------+----+-------------+---------------------+------------------------------------------------------------------+ ``` Usage ----- [](#usage) ### Implementing Authorization [](#implementing-authorization) A new `auth.apikey` route middleware has been registered for you to use in your routes or controllers. Below are examples on how to use middleware, but for detailed information, check out [Middleware](https://laravel.com/docs/middleware) in the Laravel Docs. Route example ``` Route::get('api/user/1', function () { // })->middleware('auth.apikey'); ``` Controller example ``` class UserController extends Controller { /** * Instantiate a new controller instance. * * @return void */ public function __construct() { $this->middleware('auth.apikey'); } } ``` ### Authorizing Requests [](#authorizing-requests) In order to pass the `auth.apikey` middleware, requests must include an `X-Authorization` header as part of the request, with its value being an active API key. ``` X-API-KEY: KuKMQbgZPv0PRC6GqCMlDQ7fgdamsVY75FrQvHfoIbw4gBaG5UX0wfk6dugKxrtW ``` Unauthorized Requests --------------------- [](#unauthorized-requests) Requests that do not pass authorization will receive an HTTP 401 Status Code with the following response ``` { "success": false, "message": "Unautorized. Your API KEY is invalid", } ``` Event History ------------- [](#event-history) All API requests that pass authorization are logged in the `api_key_access_events` table. A record is created for each request with the following information: - api\_key\_id - ip\_address - url - created\_at - updated\_at Any time an API key is generated, activated, deactivated, or deleted, a record is logged in the `api_key_admin_events` table. Each record contains the following information: - api\_key\_id - ip\_address - event - created\_at - updated\_at License ------- [](#license) The Laravel API Key package is open-sourced software licensed under the [MIT license](http://opensource.org/licenses/MIT). ### Health Score 27 — LowBetter than 49% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity5 Limited adoption so far Community10 Small or concentrated contributor base Maturity64 Established project with proven stability Bus Factor1 Top contributor holds 50% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~107 days Recently: every ~45 days Total 9 Last Release 2247d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/9f10f9c8ab4bbe1b122ae64255c86b78057db8469634ca38415534b949f5fb2b?d=identicon)[nivekalara237](/maintainers/nivekalara237) --- Top Contributors [![nivekalara237](https://avatars.githubusercontent.com/u/33054249?v=4)](https://github.com/nivekalara237 "nivekalara237 (6 commits)")[![ejarnutowski](https://avatars.githubusercontent.com/u/753408?v=4)](https://github.com/ejarnutowski "ejarnutowski (3 commits)")[![ipimpat](https://avatars.githubusercontent.com/u/450038?v=4)](https://github.com/ipimpat "ipimpat (2 commits)")[![Clayboy](https://avatars.githubusercontent.com/u/1386860?v=4)](https://github.com/Clayboy "Clayboy (1 commits)") --- Tags apilaravelAuthenticationauthorizationapi-key ### Embed Badge ![Health badge](/badges/nivekaa-laravel-api-key/health.svg) ``` [![Health](https://phpackages.com/badges/nivekaa-laravel-api-key/health.svg)](https://phpackages.com/packages/nivekaa-laravel-api-key) ``` ### Alternatives [ejarnutowski/laravel-api-key Authorize requests to your Laravel application with API keys 157441.1k1](/packages/ejarnutowski-laravel-api-key)[auth0/login Auth0 Laravel SDK. Straight-forward and tested methods for implementing authentication, and accessing Auth0's Management API endpoints. 2745.0M3](/packages/auth0-login)[hasinhayder/tyro Tyro - The ultimate Authentication, Authorization, and Role & Privilege Management solution for Laravel 12 & 13 6712.1k2](/packages/hasinhayder-tyro) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)