Lock down web UI using api key

I have set up several private agent machines in Azure.

I’m using the API to schedule tests, which is locked with a secret API key.

I would like to prevent users from scheduling tests via the Web UI, unless they enter a similar secret key.

After reading many of the posts and docs, I’m not sure how to configure that if it’s possible or where to specify that key when scheduling the test within the Web UI.

There is a “headless=1” setting that can go into settings.ini that will block the UI from being able to submit tests and make it work with the API only. There is no way to have a UI for entering the keys though.