Class ApiKeyCredential.
Description
Represents the credential structure for API Key–based authentication. Implementations using this credential MUST treat the API key as an opaque secret. The value MUST NOT be logged, exposed, or transmitted to unauthorized parties, as possession of the key typically grants full authorization to the associated account or resource.
This class SHALL be returned by the Authorization::ApiKey parser
when the Authorization header contains a valid API key value. The key
MAY represent either a static key, a signed token, or any user-defined
string depending on the server's authentication strategy.
Interfaces
Properties
Methods
Creates a new API Key credential instance.
Creates a new API Key credential instance.
public
__construct(
string
$key) : mixed
Description
The provided key MUST be stored exactly as received and MUST NOT be modified or normalized internally. Any validation, expiration checks, or transformation logic MUST be performed by the caller or the authentication subsystem responsible for interpreting API keys.
Parameters
$key
:
string
Description
the raw API key provided by the client