api-key-lifecycle-pattern
Community
Securely issue, verify, and revoke API keys.
Software Engineering
#api keys #security patterns #hashing #database indexing #key rotation #authentication middleware #admin cli
Author: saintgo7
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
This Skill solves the security and operational risk of poorly designed API-key handling by ensuring raw keys are exposed only once, while all subsequent verification uses prefix lookup plus salted hashing.
Core Features & Use Cases
- API key lifecycle design: end-to-end flow covering issue (generate), verify (auth middleware), and revoke (disable without deleting), including rotation guidance.
- Fast lookup + safe storage: stores only SHA256(salt + raw_key) in the database while using an indexed key_prefix (first 8 hex chars) to avoid full scans.
- Operational tooling compatibility: defines a standard admin-cli command set (issue-key, list-keys, revoke-key, set-quota) with explicit rules about what data may be returned.
Quick Start
Ask your AI to implement an API key service that generates keys in the format gem_live_<32hex>, returns the raw key only at issuance time, verifies requests via prefix lookup plus salted SHA256, and revokes keys by setting revoked=true (never deleting rows).
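A sketch of the issue / verify / revoke flow described above, added here as an illustration and not taken from the Skill's own code. The table layout, the function names, the per-key random salt and the choice of the first 8 hex characters after gem_live_ as key_prefix are assumptions.

```python
import hashlib, hmac, re, secrets, sqlite3

KEY_RE = re.compile(r"gem_live_([0-9a-f]{32})")  # format named in the Quick Start

def open_store():
    # Hypothetical schema: only prefix, salt and hash are stored, never the raw key.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE api_keys (id INTEGER PRIMARY KEY, key_prefix TEXT NOT NULL,"
               " salt BLOB NOT NULL, key_hash BLOB NOT NULL,"
               " revoked INTEGER NOT NULL DEFAULT 0)")
    db.execute("CREATE INDEX idx_api_keys_prefix ON api_keys (key_prefix)")
    return db

def _digest(salt, raw_key):
    return hashlib.sha256(salt + raw_key.encode()).digest()  # SHA256(salt + raw_key)

def issue_key(db):
    """Create a key and return the raw value; it cannot be recovered afterwards."""
    raw_key = "gem_live_" + secrets.token_hex(16)   # 32 hex chars from the OS CSPRNG
    salt = secrets.token_bytes(16)                  # assumption: one random salt per key
    db.execute("INSERT INTO api_keys (key_prefix, salt, key_hash) VALUES (?, ?, ?)",
               (raw_key[9:17], salt, _digest(salt, raw_key)))
    return raw_key

def verify_key(db, presented):
    """Auth-middleware check: indexed prefix lookup, then salted hash comparison."""
    m = KEY_RE.fullmatch(presented)
    if m is None:                                   # reject malformed input before any query
        return False
    rows = db.execute("SELECT salt, key_hash, revoked FROM api_keys"
                      " WHERE key_prefix = ?", (m.group(1)[:8],)).fetchall()
    ok = False
    for salt, key_hash, revoked in rows:            # 8-hex prefixes can collide
        match = hmac.compare_digest(_digest(salt, presented), key_hash)
        ok = ok or (match and not revoked)
    return ok

def revoke_key(db, key_prefix):
    """Disable without deleting; note this revokes every row sharing the prefix."""
    cur = db.execute("UPDATE api_keys SET revoked = 1"
                     " WHERE key_prefix = ? AND revoked = 0", (key_prefix,))
    return cur.rowcount
```

Revoked rows stay in the table, so a later audit can still tie a prefix seen in logs to the key it belonged to.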
Dependency Matrix
Required Modules
None required
Components
Standard package
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: api-key-lifecycle-pattern Download link: https://github.com/saintgo7/claude-skills/archive/main.zip#api-key-lifecycle-pattern Please download this .zip file, extract it, and install it in the .claude/skills/ directory.