@suluk/better-auth - v0.2.0
    Preparing search index...

    Function verifyApiKey

    • Verify an API key (optionally requiring scopes) and return a { scopes } Principal.

      DEVIATION from saastarter (receipted): saastarter never derives IDENTITY from verifyApiKey — identity comes from the session, and verifyApiKey is used ONLY to check scopes (services/auth.ts:133-147). Suluk's key-auth-only path uses the verified key's userId + permissions AS the Principal — an invented composition for stateless API callers that have no session. Result-returning (not throwing) to match the package idiom (preview.ts/principal.ts).

      Parameters

      Returns Promise<VerifyApiKeyResult>