Securing APIs with key authentication

You're building a secure API and need to implement API key verification. The API will check for a key in the X-API-Key header of each request and verify it against a predefined secret. You'll use FastAPI's built-in security features to implement this authentication system.

The FastAPI and HTTPException classes have been pre-imported.

This exercise is part of the course

Deploying AI into Production with FastAPI

Exercise instructions

Import the necessary function to handle dependencies from FastAPI.
Create an API key header instance to create a dependency to validate incoming API key in the request.
Complete the verify_api_key function by checking the incoming api_key with the predefined secret key.
Raise an HTTP exception when an invalid key is passed in the request.

Hands-on interactive exercise

Have a go at this exercise by completing this sample code.

# Import the function that handles dependencies
from fastapi import ____
from fastapi.security import APIKeyHeader

# Create the API key instance
api_key_header = ____(name="X-API-Key")
API_KEY = "your_secret_key"

# Pass the APIKeyHeader instance and verify against input api_key
def verify_api_key(api_key: str = Depends(____)):
    if api_key != ____:  
      	# Raise the HTTP exception here
        raise ____(status_code=403, detail="Invalid API Key")  
    return api_key

Edit and Run Code

This exercise is part of the course

Deploying AI into Production with FastAPI

AdvancedSkill Level

4.8+

Start Course for Free

Start serving your ML model's predictions via FastAPI endpoints. You'll learn to load pre-trained ML models and create API endpoints to serve predictions as serialized responses over HTTP requests. You'll leverage Pydantic data models to validate requests and responses.

Exercise 1: GET and POST requests for AI Exercise 2: GET endpoint for model information Exercise 3: POST endpoint for model registration Exercise 4: FastAPI prediction with a pre-trained model Exercise 5: Load the pre-trained model Exercise 6: Create the prediction endpoint Exercise 7: Running the FastAPI app Exercise 8: Request and response models Exercise 9: Create a Pydantic model for ML input Exercise 10: Validate request and response for ML prediction

Learn how to serve machine learning models through FastAPI endpoints. This chapter covers creating endpoints that return predictions, handling different types of input data, and implementing robust input validation. You'll build production-ready APIs that can validate different types of input data while having ML models loaded at server startup with zero downtime.

Exercise 1: Handling different input types in FastAPI Exercise 2: Handle textual request data Exercise 3: Handle numerical request data Exercise 4: Input validation in FastAPI Exercise 5: Field validation Exercise 6: Adding custom validators Exercise 7: Testing custom validators Exercise 8: Loading a pre-trained model Exercise 9: Loading AI model at server startup Exercise 10: Health-check API for model loading Exercise 11: Returning structured prediction response Exercise 12: Returning structured output from API Exercise 13: Testing the endpoint for structured response

This chapter covers securing APIs with key-based authentication, managing request rates with custom rate limiting, and improving performance through asynchronous processing. You'll learn to protect endpoints, prevent abuse, and handle time-consuming tasks efficiently, preparing your API for production.

Exercise 1: API Key Authentication Exercise 2: Securing APIs with key authentication

Current Exercise

Exercise 3: Secure the API endpoint Exercise 4: Rate Limiting Exercise 5: Implementing rate limiter Exercise 6: Add rate limiting to endpoint Exercise 7: Asynchronous processing Exercise 8: Create an async sentiment analysis endpoint Exercise 9: Implementing background tasks Exercise 10: Handling timeout errors

This chapter covers advanced topics that will enable you to support FastAPI apps long term in production. Topics include versioning and documenting API endpoints, advanced input validation to support more complex input and output, and monitoring and logging to ensure apps are running correctly and troubleshoot live when they are not.

Exercise 1: API versioning and documentation Exercise 2: Classify code changes for new endpoint versions Exercise 3: Adding a new endpoint version Exercise 4: Adding an API description header Exercise 5: Advanced input validation and error handling Exercise 6: Nesting models Exercise 7: Custom model validator Exercise 8: Global exception handler Exercise 9: Monitoring and logging Exercise 10: Logging time to load a model Exercise 11: Adding a simple health check endpoint Exercise 12: Sharing model parameters with monitoring Exercise 13: Wrap-up