diff --git a/WorkFlow.API/Filters/ApiKeyAuthFilter.cs b/WorkFlow.API/Filters/ApiKeyAuthFilter.cs
new file mode 100644
index 0000000..052b391
--- /dev/null
+++ b/WorkFlow.API/Filters/ApiKeyAuthFilter.cs
@@ -0,0 +1,18 @@
+using Microsoft.AspNetCore.Mvc.Filters;
+using Microsoft.AspNetCore.Mvc;
+
+namespace WorkFlow.API.Filters
+{
+    public class ApiKeyAuthFilter(Func<string, bool> isValidKey, string apiKeyHeaderName = "X-API-Key") : IAuthorizationFilter
+    {
+        public void OnAuthorization(AuthorizationFilterContext context)
+        {
+            string? apiKey = context.HttpContext.Request.Headers[apiKeyHeaderName];
+
+            if (apiKey is null || !isValidKey(apiKey))
+            {
+                context.Result = new UnauthorizedResult();
+            }
+        }
+    }
+}
\ No newline at end of file