feat: App Keys API v2 (#10140)

# Which Problems Are Solved This PR *partially* addresses #9450 . Specifically, it implements the resource based API for app keys. This PR, together with https://github.com/zitadel/zitadel/pull/10077 completes #9450 . # How the Problems Are Solved - Implementation of the following endpoints: `CreateApplicationKey`, `DeleteApplicationKey`, `GetApplicationKey`, `ListApplicationKeys` - `ListApplicationKeys` can filter by project, app or organization ID. Sorting is also possible according to some criteria. - All endpoints use permissions V2 # TODO - [x] Deprecate old endpoints # Additional Context Closes #9450
2025-08-12 00:27:31 +00:00 · 2025-07-02 09:34:19 +02:00
parent 64a03fba28
commit fce9e770ac
19 changed files with 1350 additions and 69 deletions
--- a/internal/api/grpc/app/v2beta/query.go
+++ b/internal/api/grpc/app/v2beta/query.go
@@ -2,9 +2,13 @@ package app

 import (
 	"context"
+	"strings"
+
+	"google.golang.org/protobuf/types/known/timestamppb"

 	"github.com/zitadel/zitadel/internal/api/grpc/app/v2beta/convert"
 	filter "github.com/zitadel/zitadel/internal/api/grpc/filter/v2"
+	"github.com/zitadel/zitadel/internal/query"
 	app "github.com/zitadel/zitadel/pkg/grpc/app/v2beta"
 )

@@ -35,3 +39,38 @@ func (s *Server) ListApplications(ctx context.Context, req *app.ListApplications
 		Pagination:   filter.QueryToPaginationPb(queries.SearchRequest, res.SearchResponse),
 	}, nil
 }
+
+func (s *Server) GetApplicationKey(ctx context.Context, req *app.GetApplicationKeyRequest) (*app.GetApplicationKeyResponse, error) {
+	queries, err := convert.GetApplicationKeyQueriesRequestToDomain(req.GetOrganizationId(), req.GetProjectId(), req.GetApplicationId())
+	if err != nil {
+		return nil, err
+	}
+
+	key, err := s.query.GetAuthNKeyByIDWithPermission(ctx, true, strings.TrimSpace(req.GetId()), s.checkPermission, queries...)
+	if err != nil {
+		return nil, err
+	}
+
+	return &app.GetApplicationKeyResponse{
+		Id:             key.ID,
+		CreationDate:   timestamppb.New(key.CreationDate),
+		ExpirationDate: timestamppb.New(key.Expiration),
+	}, nil
+}
+
+func (s *Server) ListApplicationKeys(ctx context.Context, req *app.ListApplicationKeysRequest) (*app.ListApplicationKeysResponse, error) {
+	queries, err := convert.ListApplicationKeysRequestToDomain(s.systemDefaults, req)
+	if err != nil {
+		return nil, err
+	}
+
+	res, err := s.query.SearchAuthNKeys(ctx, queries, query.JoinFilterUnspecified, s.checkPermission)
+	if err != nil {
+		return nil, err
+	}
+
+	return &app.ListApplicationKeysResponse{
+		Keys:       convert.ApplicationKeysToPb(res.AuthNKeys),
+		Pagination: filter.QueryToPaginationPb(queries.SearchRequest, res.SearchResponse),
+	}, nil
+}