Axios Basic Auth with API key Example in Node

Question

There is a curl request like this:

curl -X GET --header 'Accept: application/json' --header 'Authorization: Basic [==APIKEYHERE==]' 'https://apipath.com/path?verbose=true'

I removed the APIKEY and the API path for privacy.

The curl request is working fine, I can't figure out how to convert this into an Axios request since it only needs an API key and not a username and password.

Here is the example I found:

axios.get('https://apipath.com/path?verbose=true', {}, {auth: {username: 'username', password: 'password'}})
    .then(function(response) {
      console.log(response.data, 'api response');
    })

I'm not sure how to get this to work for my case?

zero298 · Answer 1 · 2019-07-29T17:59:05.667

Given the cURL command including --header 'Authorization: Basic [==APIKEYHERE==]', you know that the server wants a header sent using the Basic authentication scheme. That means that your API key is both the username and password joined by a : and encoded with Base64. So, you can decode what the username and password should be by decoding your API key with Base64 and seeing the values joined by the colon.

Consider the spec detailed on MDN: Authorization Header

So if your API key is Ym9iOnBhc3N3b3JkMQ==, and you decode it with Buffer.from("API_KEY", "base64").toString(), you would get the value bob:password1 meaning your username is bob and your password is password1 making your request:

const [username, password] = Buffer.from("YOUR_API_KEY", "base64").toString().split(":");

axios.get('https://apipath.com/path?verbose=true', {}, {
    auth: {
      username,
      password
    }
  })
  .then(function(response) {
    console.log(response.data, 'api response');
  })

What do you mean where you say `decode it with whatever utility`? — Jordash, Jul 29 '19 at 17:54
@Jordash I mean, you need to decode the API key and either keep it decoded or decode it at runtime with node's Buffer functions. — zero298, Jul 29 '19 at 17:59

score 1 · Answer 2 · answered Jul 29 '19 at 18:08

You can define a function like this, then you can pass the token to header after login success.

import axios from "axios";

const setAuthToken = token => {
    if (token) { 
        // Apply to every request
        axios.defaults.headers.common["Authorization"] = token;
    } else {
        // Delete auth header
        delete axios.defaults.headers.common["Authorization"];
    }
};

axios.get('https://apipath.com/path?verbose=true', {}, {auth: {username: 'username', password: 'password'}})
.then(() => setAuthToken(response.token));

lopezdp · Accepted Answer · 2021-01-25T13:10:40.963

The short answer to adding an X-Api-Key to an http request with axios can be summed up with the following example:

        const url =
          "https://someweirdawssubdomain.execute-api.us-east-9.amazonaws.com/prod/custom-endpoint";

        const config = {
          headers: {
            "Content-Type": "application/json",
          },
        };

        // Add Your Key Here!!!
        axios.defaults.headers.common = {
          "X-API-Key": "******this_is_a_secret_api_key**********",
        };

        const smsD = await axios({
          method: "post",
          url: url,
          data: {
            message: "Some message to a lonely_server",
          },
          config,
        });

I was stuck for 8 hours trying to figure this out as the errors lined up in the queue, adding the key to the default headers was the only way I could get this to work.

Axios Basic Auth with API key Example in Node

3 Answers3