3. Security and Validation

mongoDBApiKeyStore

Uses a MongoDB collection as a store for API keys and their scopes. Each document in the collection must use the API key as its {@code _id} and may define an array field {@code scopes} listing the allowed scopes.

Example MongoDB document: 

 {
   "_id": "123456",
   "scopes": ["read", "write"]
 }

Configuration example: 

 <apiKey>
   <mongoDBApiKeyStore
       connection="mongodb://localhost:27017"
       database="security"
       collection="apikeys"/>
 </apiKey>

Can be used in:

apiKey and bean

Attributes

NameRequiredDefaultDescriptionExample
database false - The database name where API keys are stored.
security
connection false - MongoDB connection string.
mongodb://localhost:27017
collection false - The collection name within the database containing the API key documents.
apikeys