Currently I have a process that a user can go through to get a JSON Web Token (JWT). This JWT is then used to set the X-Access-Token header for all http requests to the API. I am having trouble figuring out how to do this.
I believe it is possible to add to api_definition.yaml so that a field comes up where the user can enter their JWT, and this can then be added as a header to all the calls.
I added the following to api_definition.yaml
securityDefinitions:
UserSecurity:
type: apiKey
in: header
name: X-Access-Token
security: [ { jwt: [] } ]
This doesn't seem to change anything in the Swagger-UI and I'm not entirely sure how to make it so that the user can input their key?
The security scheme name in the security key must match the name used in securityDefinitions:
securityDefinitions:
UserSecurity:
type: apiKey
in: header
name: X-Access-Token
security:
- UserSecurity: []
Then you should see the Authorize button in the Swagger UI header.