how to config AUTH in mastra cloud?
Hi, whats the right way to protect a deployment on mastra cloud?
i'm using the middleware to add a custom API endpoint, I can access it on the dashboard but i cannot see the "agents" and "workflows"
i understand this is due to the middleware, but whats the right way to do this?
8 Replies
Hi @bryan_3mavericks ! Which auth middleware are you using?
hi, im following https://mastra.ai/en/docs/server-db/middleware
Middleware
Apply custom middleware functions to intercept requests.
i customized it for my own use case.
when i deployed to mastra cloud, i need to use my own API key to invoke the api.
It's just in the playground, i cannot see the agents/workflows anymore
perhaps im doing wrong. But i just want to deploy to mastra cloud and protect the endpoints, and still be able to see the agents in playground
I see! Thanks for the additional info. Yes, that's because the playground uses the API and since it doesn't send the API key, nothing gets displayed. Let me check something.
ya i figured that, is there a way to fix that? its great to see the deployment + playground on cloud, just need to protect it
Do you need to provide the API key in a header?
ideally, im calling from other places.
how do you guys usually do this? the deployment can't be just open to public right
i fixed it. thanks
So, usually people use our
experimental_auth approach instead of a normal middleware, you basicaly need to implement one of our already made auth provider, or implement our MastraAuthProvider class (these basically use the usual authorization: bearer ... approach.) We don't support other ways of authentication at the moment, but we'll be adding the ability to add custom headers through the playground.