What do you use for API Key Management?
Many developer portals allow you to generate API Keys. Is there a SaaS service that is powering these or is all of that logic being built in-house?
If you're using AWS parameter store is pretty good! You can set permissions, have different keys for different environments, and lock them with keys. If you need more advanced functionality there are other options too.
Its part of the authorization. The only thing i can think of is the use of JWT for auth.
you log into one and get an jwt and the application checks it.
Kong works well, you can choose from various options like just header api key or a key pair or hmac signature based auth from your clients.
API key authentication is not very hard, and is typically pretty application-specific.
What is stopping you from doing it in-house?
Typically an API gateway is behind a lot of these. Lookup KrakenD, Gloo Mesh as examples.