Skip to content

Fix UseAdminApiKey() not updating ApiKeyProviderType causing 401 errors #7095

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 3 commits into
base: develop/3.6.0
Choose a base branch
from
Draft

Fix UseAdminApiKey() not updating ApiKeyProviderType causing 401 errors #7095

wants to merge 3 commits into from
+8 −1

Conversation

Copy link
Contributor

Copilot AI commented Nov 21, 2025
edited
Loading

Users encounter 401 Unauthorized errors when accessing workflow instances after configuring .UseAdminApiKey(). The authentication middleware is configured correctly but dependency injection resolves the wrong provider type.

Root Cause

DefaultAuthenticationFeature.UseApiKeyAuthorization<T>() updates the authentication builder but fails to update the ApiKeyProviderType property, creating a mismatch:

// Before: Auth middleware uses AdminApiKeyProvider, but DI still registers DefaultApiKeyProvider
public DefaultAuthenticationFeature UseApiKeyAuthorization<T>() where T : class, IApiKeyProvider
{
    _configureApiKeyAuthorization = builder => builder.AddApiKeyInAuthorizationHeader<T>();
    // Missing: ApiKeyProviderType = typeof(T);
    return this;
}

Changes

  • DefaultAuthenticationFeature.cs: Add ApiKeyProviderType = typeof(T) to synchronize auth middleware and DI registrations
  • Elsa.Server.Web/Program.cs: Enable UseAdminApiKey() in Development environment for easier local testing

Usage

.UseDefaultAuthentication(auth =>
{
    if (builder.Environment.IsDevelopment())
        auth.UseAdminApiKey(); // Now correctly accepts API key: 00000000-0000-0000-0000-000000000000
})
Original prompt

This section details on the original issue you should resolve

<issue_title>How to authorize workflow instances for employee onboarding process?</issue_title>
<issue_description>Teacher,Hi
The following is an example of an error in the employee onboarding process:

Image Image

Image</issue_description>

<agent_instructions>Try and see if you can identify the likely root cause of the reported symptom. The UI portion of the bug report comes from Elsa Studio, which exists at: https://github.com/elsa-workflows/elsa-studio, in case you want to check that out as well.</agent_instructions>

Comments on the Issue (you are @copilot in this section)

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

This change is Reviewable

Copilot AI changed the title [WIP] Fix error in employee onboarding workflow authorization Fix UseAdminApiKey() not updating ApiKeyProviderType causing 401 errors Nov 21, 2025
Copilot finished work on behalf of sfmskywalker November 21, 2025 22:11
Copilot AI requested a review from sfmskywalker November 21, 2025 22:11
@sfmskywalker sfmskywalker mentioned this pull request Nov 21, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sfmskywalker sfmskywalker Awaiting requested review from sfmskywalker

Assignees

@sfmskywalker sfmskywalker

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@sfmskywalker