Question 1

How does FastAPI simple security compare to FastAPI-JWT for authentication?

Accepted Answer

FastAPI simple security is focused on API-key authentication with local storage, ideal for simplicity and zero-configuration, while FastAPI-JWT uses JSON Web Tokens for stateless authentication, better suited for distributed systems. Choose based on whether you need lightweight API keys or token-based security with more scalability.

Question 2

How to persist API keys when using FastAPI simple security with Docker?

Accepted Answer

Use a bind mount for the SQLite database file by setting the FASTAPI_SIMPLE_SECURITY_DB_LOCATION environment variable to a persistent volume. This ensures that API keys are retained across container restarts, as recommended in the README for Docker deployments.

Question 3

Is FastAPI simple security production-ready?

Accepted Answer

It's designed for development and single-server deployments, with limitations for distributed systems. For production, consider if the local SQLite backend and single secret key model meet your security and scalability requirements, as the README cautions against distributed use.

Question 4

How do I revoke an API key in FastAPI simple security?

Accepted Answer

Authenticate with the secret key using the administrator endpoints, then call the revocation endpoint either through the API docs or programmatically. This is part of the built-in key lifecycle management features.

Question 5

Does FastAPI simple security support OAuth or social logins?

Accepted Answer

No, it only provides API-key authentication. For OAuth or external identity providers, you would need to use other FastAPI extensions or custom implementations, as this package is minimalistic by design.

Question 6

How to hide the authentication endpoints from the API documentation?

Accepted Answer

Set the environment variable FASTAPI_SIMPLE_SECURITY_HIDE_DOCS to true, which will conceal the key management endpoints from the generated docs. This is useful for security when automating key creation, as mentioned in the configuration section.

FastAPI Simple Security

What is FastAPI Simple Security?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions