diff --git a/packages/bruno-cli/src/runner/prepare-request.js b/packages/bruno-cli/src/runner/prepare-request.js
index 11963bd296..0e7e009468 100644
--- a/packages/bruno-cli/src/runner/prepare-request.js
+++ b/packages/bruno-cli/src/runner/prepare-request.js
@@ -36,7 +36,7 @@ const prepareRequest = (item = {}, collection = {}) => {
   };
 
   const collectionAuth = get(collection, 'root.request.auth');
-  if (collectionAuth && request.auth?.mode === 'inherit') {
+  if (collectionAuth && request?.auth?.mode === 'inherit') {
     if (collectionAuth.mode === 'basic') {
       axiosRequest.auth = {
         username: get(collectionAuth, 'basic.username'),
@@ -48,26 +48,26 @@ const prepareRequest = (item = {}, collection = {}) => {
       axiosRequest.headers['Authorization'] = `Bearer ${get(collectionAuth, 'bearer.token')}`;
     }
 
-    if (collectionAuth.mode === 'apikey') {
-      if (collectionAuth.apikey?.placement === 'header') {
-        axiosRequest.headers[collectionAuth.apikey?.key] = collectionAuth.apikey?.value;
-      }
-      
-      if (collectionAuth.apikey?.placement === 'queryparams') {
-        if (axiosRequest.url && collectionAuth.apikey?.key) {
-          try {
-            const urlObj = new URL(request.url);
-            urlObj.searchParams.set(collectionAuth.apikey?.key, collectionAuth.apikey?.value);
-            axiosRequest.url = urlObj.toString();
-          } catch (error) {
-            console.error('Invalid URL:', request.url, error);
-          }
+    if (collectionAuth.mode === 'apikey'){
+      const placement = get(collectionAuth, "apikey.placement");
+      const key = get(collectionAuth, "apikey.key");
+      const value = get(collectionAuth, "apikey.value");
+
+      if (placement === 'header') {
+        axiosRequest.headers[key] = value;
+      } else if (placement === 'queryparams') {
+        try {
+          const urlObj = new URL(request.url);
+          urlObj.searchParams.set(key, value);
+          axiosRequest.url = urlObj.toString();
+        } catch (error) {
+          console.error('Invalid URL:', request.url, error);
         }
       }
     }
   }
 
-  if (request.auth && request.auth.mode !== 'inherit') {
+  if (request?.auth) {
     if (request.auth.mode === 'basic') {
       axiosRequest.auth = {
         username: get(request, 'auth.basic.username'),
@@ -98,6 +98,24 @@ const prepareRequest = (item = {}, collection = {}) => {
       axiosRequest.headers['Authorization'] = `Bearer ${get(request, 'auth.bearer.token')}`;
     }
 
+    if (request.auth.mode === 'apikey') {
+      const placement = get(request, "auth.apikey.placement");
+      const key = get(request, "auth.apikey.key");
+      const value = get(request, "auth.apikey.value");
+
+      if (placement === 'header') {
+        axiosRequest.headers[key] = value;
+      } else if (placement === 'queryparams') {
+        try {
+          const urlObj = new URL(request.url);
+          urlObj.searchParams.set(key, value);
+          axiosRequest.url = urlObj.toString();
+        } catch (error) {
+          console.error('Invalid URL:', request.url, error);
+        }
+      }
+    }
+
     if (request.auth.mode === 'wsse') {
       const username = get(request, 'auth.wsse.username', '');
       const password = get(request, 'auth.wsse.password', '');
diff --git a/packages/bruno-tests/src/auth/apiKey.js b/packages/bruno-tests/src/auth/apiKey.js
new file mode 100644
index 0000000000..683b8c01c8
--- /dev/null
+++ b/packages/bruno-tests/src/auth/apiKey.js
@@ -0,0 +1,28 @@
+const express = require('express');
+const router = express.Router();
+
+const VALID_API_KEY = 'my-secret-api-key';
+const VALID_KEY_NAME = 'api-key';
+
+const apiKeyAuthMiddleware = (req, res, next) => {
+  const apiKeyFromHeader = req.headers[VALID_KEY_NAME.toLowerCase()];
+  const apiKeyFromQuery = req.query[VALID_KEY_NAME];
+
+  const apiKey = apiKeyFromHeader || apiKeyFromQuery;
+
+  if (!apiKey) {
+    return res.status(401).json({ error: 'API key missing' });
+  }
+
+  if (apiKey !== VALID_API_KEY) {
+    return res.status(403).json({ error: 'Invalid API key' });
+  }
+
+  next();
+};
+
+router.post('/protected', apiKeyAuthMiddleware, (req, res) => {
+  res.status(200).json({ message: 'You have accessed a protected route!' });
+});
+
+module.exports = router;
diff --git a/packages/bruno-tests/src/auth/index.js b/packages/bruno-tests/src/auth/index.js
index e26a655294..bc2dd4e49f 100644
--- a/packages/bruno-tests/src/auth/index.js
+++ b/packages/bruno-tests/src/auth/index.js
@@ -5,6 +5,7 @@ const authBearer = require('./bearer');
 const authBasic = require('./basic');
 const authWsse = require('./wsse');
 const authCookie = require('./cookie');
+const apiKey = require('./apiKey');
 const authOAuth2PasswordCredentials = require('./oauth2/passwordCredentials');
 const authOAuth2AuthorizationCode = require('./oauth2/authorizationCode');
 const authOAuth2ClientCredentials = require('./oauth2/clientCredentials');
@@ -16,5 +17,6 @@ router.use('/bearer', authBearer);
 router.use('/basic', authBasic);
 router.use('/wsse', authWsse);
 router.use('/cookie', authCookie);
+router.use('/apiKey', apiKey);
 
 module.exports = router;