Preliminary Checks

• I have reviewed https://unkey.com/docs for existing features that would solve my problem

• I have searched for existing feature requests: https://github.com/unkeyed/unkey/issues

• This issue is not a question, general help request, or anything other than a feature request directly related to Unkey. Please ask questions in our Discord community: https://unkey.com/discord.

Is your feature request related to a problem? Please describe.

Sometimes you need to know the current config and limits of a key, but using the /v1/keys.getKey endpoint requires a keyId, which you don't always have available.

Describe the solution

Create a new POST /v1/keys.whoami endpoint in /apps/api/src/routes as well as a testcase for it. Then register the handler in /apps/api/src/worker.ts.

I suggest copying another handler file and modifying, so you can reuse the basic structure of the openapi validation.

The endpoint must receive the following payload in a POST request:

{
  key: string
}

and be authenticated via a rootKey in the Authorization header.
The root key must have the api.${apiId}.read_key or api.*.read_key permissions.

It must return the following json payload:

{
    id: string,
    name?: string,
    remaining?: number,
    identity?: {
      id: string,
      externalId: string,
    },
    meta?: unknown,
    createdAt: number,
    enabled: boolean,
    environment?: string,
}

General flow of the handler:

1. parse the key from the request
2. hash it using sha256, there's an internal library for it
3. look up the key in the db by querying for its hash, include its api and identity relations
4. do a root key auth check, and include the above mentioned permissions
5. return 404 if not found or deleted
6. return structured json as mentioned above

Describe alternatives you have considered (if any)

No response

Additional context

No response