should i disable hashing in apiKey plugin for my case?

so i want to create chrome extension that will function in mostly all sites:
-> the main better-auth instance:

tanstack start

tanstack start

tanstack start

tanstack start
-> the worker api:

hono

hono

hono

hono

and here's the flow:
-> user copy their

apiKey

apiKey

apiKey

apiKey in their profile dashboard in better-auth instance, which are coming from

key

key

key

key column in

apiKey

apiKey

apiKey

apiKey table.
-> user put their

apiKey

apiKey

apiKey

apiKey in chrome extension interface, without login
-> everytime user request, the

apiKey

apiKey

apiKey

apiKey will send to hono worker
-> hono request to better-auth instance to validate

apiKey

apiKey

apiKey

apiKey
-> hono run the logic if the

apiKey

apiKey

apiKey

apiKey valid

i try to use combination of

prefix

prefix

prefix

prefix

```
key
```
key
```
key
```
key
that stored in database to validate the apiKey using
```
auth.api.verifyApiKey()
```
auth.api.verifyApiKey()
```
auth.api.verifyApiKey()
```
auth.api.verifyApiKey()
, it turns out the key still invalid. i'm thinking about maybe this is because the value in database is not the real value of the apiKey, is that true?

r is there any better way?

Ibnu Rasikh - creatypestudio.coOP•6/9/25, 1:33 PM

Okay, problem solved! It sounds really silly, haha. But maybe someone else made the same mistake, so I’ll leave this thread here.

It turns out the actual value of the API key is only shown once, right after it's created—it's returned from a function at that moment. The user must copy the key immediately, or it will be lost forever.

should i disable hashing in apiKey plugin for my case?

Similar Threads

Similar Threads

Similar Threads