apiKey
Send an API key as a header or query parameter, resolved at call time.
Use apiKey when an API authenticates with a static key and you want the stitch
to attach it as a request header, resolved at call time so the caller never sees
the secret.
Example
import { , , } from 'stitchapi';
const = ({
: 'https://api.example.com',
: '/search',
: ({ : ('API_KEY') }),
});Every call to search() sets the x-api-key header to the resolved key, behind
the capability boundary.
Options
value is the key itself — a literal string, or (preferred) a resolver like
env('API_KEY') so the secret is read at
call time and never committed.
header overrides the header name (default x-api-key, lowercased): pass
apiKey({ header: 'X-My-Key', value: env('API_KEY') }) to send the key under a
custom header.
apiKey only sets a header — it does not add a query parameter. For an API
that wants the key in the query string, set it through the request query
input instead.
See Reference → Auth strategies for every field.