Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Extensibility of security definitions?
See original GitHub issueI’m dealing with cases where there are a lot of extended or custom authentication systems around. Various Active Directory scenarios are the most egregious example.
In looking how to represent this in our swagger docs, the security scheme object seems pretty hard-wired to basic, api key, and oauth 2. Is there an intended way to add new authentication types to the document, even if the downstream consumers won’t understand it directly? Or should I put:
"type": "basic",
"x-but-actually-it-is": "someCustomAuth"
or something along those lines? Is there a recommendation or pattern I can follow here?
Issue Analytics
- State:
- Created 8 years ago
- Reactions:5
- Comments:15 (7 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
Any news on it? Latest comment 5 may in this issue, still waiting support for JWT
Take a look at https://github.com/OAI/OpenAPI-Specification/blob/OpenAPI.next/versions/3.0.md#securitySchemeObject.
It supports extensions in general. Also,
basichas been changed tohttpand theschemewas added. If you end up usingbearer, for example, you can use that to describe JWT tokens.