Strange SQL logging related to bearertoken and API

stefandv · September 12, 2019, 9:09am

Recently I switched on all DBG logging and now have some strange SQL call for EVERY api call I am doing:

[11:03:29 DBG] CreateContentTypeRequest/hasContentBody:True:POST:application/json:47:
[11:03:29 DBG] SQL: SELECT "Id", "UserAuthId", "Environment", "KeyType", "CreatedDate", "ExpiryDate", "CancelledDate", "Notes", "RefId", "RefIdStr", "Meta" FROM "auth"."ApiKey" WHERE "Id" = @Id
PARAMS: Id=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6InF5bCJ9.eyJpc3MiOiJzc2p3dCIsInN1YiI6NiwiaWF0IjoxNTY3NTExNTE5LCJleHA<tranceted-bearer-token>

So it is trying to use the bearer-token to check whether this is a valid API key.
Is this something new, or was it there all the time, and is it actually necessary?

mythz · September 12, 2019, 10:10am

Both the JWT and API Key Auth Providers send their keys in the HTTP Authorization Header Bearer Token, the API Key Auth Provider is checking whether the bearer token that’s sent is an API Key that it needs to authenticate with.

stefandv · September 12, 2019, 10:32am

Ok thanks; so I’ll try to suppress this message in my Serilog output then