Skip to content

Add INITIAL_ADMIN_API_KEY environment variable support #1027

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 6 commits into
base: master
Choose a base branch
from
Open

Add INITIAL_ADMIN_API_KEY environment variable support #1027

wants to merge 6 commits into from

Conversation

rsp2k
Copy link

@rsp2k rsp2k commented Sep 7, 2025

  • Add configuration parameter for initial admin API key
  • Implement getInitialAdminApiToken() method in AbstractMultiPlatformMigration
  • Create migration to automatically generate admin API token on initial setup

Ryan Malloy and others added 3 commits September 7, 2025 08:38
Add INITIAL_ADMIN_API_KEY environment variable support
c498803 
- Add configuration parameter for initial admin API key
- Implement getInitialAdminApiToken() method in AbstractMultiPlatformMigration
- Create migration to automatically generate admin API token on initial setup
- Add CLAUDE.md to .gitignore for local development documentation
Add INITIAL_ADMIN_API_KEY documentation
99cd180 
- Document environment variable in configuration.md
- Add section to API authentication documentation
- Include examples in Docker installation guide for both SQLite and MySQL setups
- Provide usage instructions for CI/CD and automated deployments
@rsp2k
Merge branch 'Part-DB:master' into feature/initial-admin-api-key
f9e7fb4
@jbtronics
Copy link
Member

What is your use case for this?
I don't have much of a problem with such a feature, but I never thought that having an API key from the start would be useful?

And maybe a console command to programmatically create API keys would be more useful than doing that in the database migration ?

@rsp2k
Copy link
Author

rsp2k commented Sep 19, 2025

I'm using it to bootstrap servers while testing. Thank you so much for this absolutely wonderful project! Hats off to you sir!

@jbtronics
Copy link
Member

jbtronics commented Sep 23, 2025
edited
Loading

What would you say about restricting the lifetime of the API token to a week (or even just a day)?
That should be enough for testing and bootstrapping applications and should improve security, as you do not risk unauthorized access, if you somehow forget this token or its secret get leaked.

Also I would not put the env into the docker-env templates. That is an feature for advanced usecases, and if you put it into the docker-compose file, then it will probably stay there forever, risking it to be leaked somehow...

@codecov Codecov

This comment was marked as off-topic.

Sign in to view
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@rsp2k @jbtronics