Security: Backend — implement API key authentication for service-to-service calls

[Hexstar-labs]

Description:
Internal service calls (e.g., contract event webhooks) need a separate auth mechanism from user JWTs.

Tasks:

• Add ApiKeyStrategy using passport-headerapikey
• Store hashed API keys in the database linked to a service account
• Protect internal endpoints (e.g., POST /credentials/issue) with API key auth
• Add POST /admin/api-keys to generate new API keys (Admin only)
• Rotate API keys without downtime

---

[afurious]

@afurious has applied to work on this issue as part of the Stellar Wave Program's 3rd wave.

I’m a smart contract developer who turns complex ideas into secure, production-ready blockchain code.
With strong skills in Rust and Solidity, I build systems that are fast, safe, and built to last.
My experience with the Stellar SDK lets me ship real-world Web3 solutions that actually move value

ℹ️ Repo Maintainers: To accept this application, review their application or assign @afurious to this issue.

[D240021]

@D240021 has applied to work on this issue as part of the Stellar Wave Program's 3rd wave.

Hi! 👋

I’d like to contribute to this issue.

I’m a full-stack developer currently getting started in Web3, and I think this project is a great opportunity to learn while contributing to something meaningful in the ecosystem. I have experience working with backend services, REST APIs, and web applications, and I’m motivated to collaborate and add value wherever possible.

Please let me know if I can take this issue. I’d be happy to work on it 🚀

ℹ️ Repo Maintainers: To accept this application, review their application or assign @D240021 to this issue.

[drips-wave]

Congratulations, @afurious! 🎉 Your application was accepted by the repo's maintainers, and the issue is due on March 30, 2026.

🧑‍💻 @afurious: Please resolve the issue such that the repo's maintainers have enough time to review your contribution before the due date. You'll earn Points for completing the issue on-time, which will make you eligible for a share of the Stellar Wave Program's reward pool.

Warning

When opening a PR, please link it to this issue to ensure it gets tracked accurately. Points are awarded when this issue is marked as completed by the maintainer.

🤠 Repo maintainers: Please keep an eye on the contributor's progress and review their work before the due date. You can manage this issue, including adjusting its complexity and points, here.

🌊 Happy Wave 🌊

[drips-wave]

This issue has been completed by @afurious as part of the Stellar Wave Program's 3rd Wave 🥳

😎 @afurious: You earned 200 Points for completing this issue! After the current Wave ends, you'll be eligible for a percentage of the Wave's reward pool based on the percentage of total points you've earned. Learn more here. You can also Leave a review to share your experience working on this issue.

🧑‍💻 Repo maintainers: How'd the contributor do? Leave a review to share your experience working with them.