Auth API key
Hello, I'm planning to implement Auth via API keys inside HTTP actions from Convex.
Usage example: User creates account through Clerk on my website. Then do some data manipulation on the website (including creation of api key per project) and then he can load that data through HTTP actions with their api key, that way I can track usage and etc. Sooo simple SaaS model, nothing super special. But i was wondering if there are any articles/advices/libraries/best practices for Convex? I know that ideally I should hash keys on creation which technically shouldnt be a problem through vercel actions.
3 Replies
You can hash the key in Convex. In general anything you can do in Vercel actions you can do in Convex (and more).
I know, I was wondering from security standpoint and if there are any good examples of it. The creation with hash is fine but I'm not sure how to make validation correctly and if I need any special things
@Michal Srb Hi, may I ask if HTTP actions counts like "actions" inside Convex plan usage? (Or it counts as functions calls)
It counts as both.