Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

OpenAPI 3: add support for Token authentication

See original GitHub issue

I have a Rails application that uses the following standard for authentication:

Authorization: Token token="ACCESS_TOKEN"

Currently this authentication method is not supported by the spec.

However the OpenAPI should support this method because is a standard and moreover it is widely used in production - see Rails’ authenticate_or_request_with_http_token for example.

Issue Analytics

  • State:closed
  • Created 6 years ago
  • Reactions:3
  • Comments:9 (6 by maintainers)

github_iconTop GitHub Comments

3reactions
darrelmillercommented, Mar 7, 2018

@collimarco @epastorino OpenAPI v3 does support any security scheme that uses the Authorization header.

components:
  securitySchemes:
    Token:
      type: http
      scheme: Token
3reactions
epastorinocommented, Mar 6, 2018

I have the same problem. I’m using django-rest-framework with token authentication. OpenAPI should support this method, I agree. Meanwhile, I’m documenting my APIs using this workaround, inspired by this response from stackoverflow:

components:
  securitySchemes:
    Token:
      type: apiKey
      in: header
      name: Authorization
      description: Enter your token in the format **Token <token>**
Read more comments on GitHub >

github_iconTop Results From Across the Web

Authentication - Swagger
OpenAPI uses the term security scheme for authentication and authorization schemes. OpenAPI 3.0 lets you describe APIs protected using the following ...
Read more >
Configure JWT Authentication for OpenAPI - Baeldung
In this tutorial, let's learn how to generate OpenAPI documentation, test REST APIs, and configure JWT authentication for our OpenAPI using ...
Read more >
openapi - How can I represent 'Authorization: Bearer <token ...
OpenAPI 3.0 now supports Bearer/JWT authentication natively. ... Adding Authorization header programmatically (Swagger UI 3.x).
Read more >
Security with OpenAPI - Cloud-Native AppDev
Currently OpenAPI 3.0 supports four main "types" of secuirty schemes. ... Authentication that uses a token generated from logging into ...
Read more >
OpenAPI Specification — Swagger Authentication - Medium
Use of OAuth token validation with OpenApi Specification Swagger 3. We will see Authorising API using Swagger and go through sample OAuth ...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

How to reference headers in response

Next page

xml property and root schemas