TsgcWSAPIKeyManager › Properties
Published properties grouped by purpose, followed by the full alphabetical list.
| Name | Description |
|---|---|
| Enabled | Master switch. When False, ValidateKey and IsRequestAuthorized always return True and server auto-hooks become no-ops. |
| Name | Description |
|---|---|
| Generation | Controls how plaintext keys are built by IssueKey: KeyPrefix, KeyLength, Charset and optional checksum. |
| Hashing | At-rest hash algorithm (SHA-256, SHA-512 or Bcrypt) with optional Salt and Iterations for key stretching. |
| Name | Description |
|---|---|
| Storage | Controls where hashed keys and audit log are kept: in memory, in an optionally encrypted file, or in user hooks. |
| Name | Description |
|---|---|
| Scopes | Catalog of allowed scope strings enforced when keys are issued or checked for a required scope. |
| Validation | How keys are extracted (header, query), transport rules (HTTPS, IP allowlist) and the FailClosed policy. |
| Expiration | Default TTL, enforcement flag and background sweep interval controlling how issued keys age out. |
| Rotation | Grace-period and auto-rotate settings that let a new key replace an old one without downtime. |
| Name | Description |
|---|---|
| RateLimit | Per-key rate-limit metadata (max requests per window) consumed by TsgcWSRateLimiter.PerAPIKey. |
| Name | Description |
|---|---|
| Audit | Ring-buffer and file-backed audit log of every key-lifecycle action with configurable retention. |
| Name | Description |
|---|---|
| Audit | Ring-buffer and file-backed audit log of every key-lifecycle action with configurable retention. |
| Enabled | Master switch. When False, ValidateKey and IsRequestAuthorized always return True and server auto-hooks become no-ops. |
| Expiration | Default TTL, enforcement flag and background sweep interval controlling how issued keys age out. |
| Generation | Controls how plaintext keys are built by IssueKey: KeyPrefix, KeyLength, Charset and optional checksum. |
| Hashing | At-rest hash algorithm (SHA-256, SHA-512 or Bcrypt) with optional Salt and Iterations for key stretching. |
| RateLimit | Per-key rate-limit metadata (max requests per window) consumed by TsgcWSRateLimiter.PerAPIKey. |
| Rotation | Grace-period and auto-rotate settings that let a new key replace an old one without downtime. |
| Scopes | Catalog of allowed scope strings enforced when keys are issued or checked for a required scope. |
| Storage | Controls where hashed keys and audit log are kept: in memory, in an optionally encrypted file, or in user hooks. |
| Validation | How keys are extracted (header, query), transport rules (HTTPS, IP allowlist) and the FailClosed policy. |