openapiswagger-ui
How to correctly declare a route with facultative authentication in OpenAPI 3.0 specification?
I have a route that returns the content of a public article. If the user is logged, the route returns a different content (a content with additionnal details). I don't know how to declare this in my OpenAPI description. I couldn't find anything about this in the official doc.
My securitySchemes definition :
components:
securitySchemes:
bearerAuth:
type: http
scheme: bearer
bearerFormat: JWT
My route declaration :
/article/{slug}:
get:
tags:
- articles
summary: Return an article with more detail for authenticated users
operationId: get_detail_article
parameters:
- name: slug
in: path
required: true
schema:
type: string
security:
- {}
- bearerAuth: []
responses:
"200":
content:
application/json:
schema:
$ref: "#/components/schemas/Article"
Is the authentification part is correct ?
the result in swagger editor :
As you can see, the lock at right is black and closed, meaning that authentification is necessary.
Solution
Not sure which Swagger Editor version you are using but the security object is defined correctly for an OR condition, as in.. must use bearerAuth OR none
openapi: 3.0.3
info:
title: test
version: 1.0.0
servers:
- url: https://www.example.com
paths:
"/article/{slug}":
get:
tags:
- articles
summary: Return an article with more detail for authenticated users
operationId: get_detail_article
parameters:
- name: slug
in: path
required: true
schema:
type: string
security:
- {}
- bearerAuth: []
responses:
"200":
description: OK
content:
application/json:
schema:
$ref: "#/components/schemas/Article"
components:
securitySchemes:
bearerAuth:
type: http
scheme: bearer
bearerFormat: JWT
schemas:
Article:
description: An Article
type: string
I get a transparent lock on Swagger UI free account
If I comment out the empty security, the lock changes to require only bearerAuth
- FastAPI error when handling file together with form-data defined in a Pydantic model
- Issue with Kiota MultipartBody in TypeScript: "unsupported content type for multipart body"
- Case-insensitive string parameter or enum in an OpenAPI schema
- OpenAPI - Exception in thread "main" java.lang.RuntimeException: Issues with the OpenAPI input
- How to define query parameters using Pydantic model in FastAPI?
- nested IEnumerable<int> generates "invalid" OpenAPI json doc
- Path parameter in OpenAPI yaml file is not recognized
- How does one setup OpenAPI redirect response with parameters?
- OpenApi Client Kotlin Jar Dependency build with Gradle is not recognized in my Android Kotlin Jetpack Compose Project
- Quarkus application - add servers to the Open API specification in runtime (run in a Docker Container)
- How to define a JSON array with concrete item definition for every index (i.e. a tuple) in OpenAPI?
- Swagger UI does not show operations when running with classic JarLauncher
- lombok @SuperBuilder changing one of my field names?
- Overlapping method route | Rust axum (utoipa)
- Migrating from Springfox Swagger 2 to Springdoc Open API
- Modifying the DTO name appearing in OpenAPI (Swagger) schemas in NestJS
- Enable Authorize button in springdoc-openapi-ui for Bearer Token Authentication (JWT)
- OpenAPI vs swagger
- Show length in Azure APIM Developer Portal
- C# ASP.NET MVC web app - update view after completion of asynch calls w/ OpenAI
- How do I combine multiple OpenAPI 3 specification files together?
- Summary and description for the Path Item Object of OpenAPI
- How to authorize OpenAPI/Swagger UI page in FastAPI?
- How to disable Authentication in FastAPI based on environment?
- Insert local image in the FastAPI automatic documentation
- open-api-generator how to avoid fields being nullable
- Unable to show Custom Header in Open API UI
- Should Internal Server Error be documented in swagger?
- OpenAPI Generator doesn't generate functions for multipart/form-data
- How to style Swagger API docs with custom CSS in Node.js?