elsa-workflows
Fix UseAdminApiKey() not updating ApiKeyProviderType causing 401 errors
Users encounter 401 Unauthorized errors when accessing workflow instances after configuring .UseAdminApiKey(). The authentication middleware is configured correctly but dependency injection resolves the wrong provider type.
Root Cause
DefaultAuthenticationFeature.UseApiKeyAuthorization<T>() updates the authentication builder but fails to update the ApiKeyProviderType property, creating a mismatch:
// Before: Auth middleware uses AdminApiKeyProvider, but DI still registers DefaultApiKeyProvider
public DefaultAuthenticationFeature UseApiKeyAuthorization<T>() where T : class, IApiKeyProvider
{
_configureApiKeyAuthorization = builder => builder.AddApiKeyInAuthorizationHeader<T>();
// Missing: ApiKeyProviderType = typeof(T);
return this;
}
Changes
-
DefaultAuthenticationFeature.cs: Add
ApiKeyProviderType = typeof(T)to synchronize auth middleware and DI registrations -
Elsa.Server.Web/Program.cs: Enable
UseAdminApiKey()in Development environment for easier local testing
Usage
.UseDefaultAuthentication(auth =>
{
if (builder.Environment.IsDevelopment())
auth.UseAdminApiKey(); // Now correctly accepts API key: 00000000-0000-0000-0000-000000000000
})
Original prompt
This section details on the original issue you should resolve
<issue_title>How to authorize workflow instances for employee onboarding process?</issue_title> <issue_description>Teacher,Hi The following is an example of an error in the employee onboarding process:
</issue_description>
<agent_instructions>Try and see if you can identify the likely root cause of the reported symptom. The UI portion of the bug report comes from Elsa Studio, which exists at: https://github.com/elsa-workflows/elsa-studio, in case you want to check that out as well.</agent_instructions>
Comments on the Issue (you are @copilot in this section)
- Fixes elsa-workflows/elsa-core#7092
💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.
This change is 
