APIs Beta Generate Collection sets Authorization on all request to "No Auth"
See original GitHub issueDescribe the bug
When an API is imported through the APIsBeta interface, then the ‘Generate Collection’ button is clicked, all requests in the resulting Collection have their ‘Authorization’ set to ‘No Auth’. This is true even if security
and/or securitySchemes
are set in the OpenAPI schema. This makes it difficult to set the ‘Authorization’ for all Requests in a Collection. It seems like it would make more sense to default ‘Authorization’ to ‘Inherit auth from parent’.
To Reproduce Steps to reproduce the behavior:
- Go to ‘APIsBeta’
- Click on ‘New API’
- Click on ‘Add Schema’
- Import an OpenAPI schema
- Click on ‘Save’
- Click on ‘Generate Collection’
- Go to ‘Collections’
- Go to the generated collection
- Go to any request in the collection
- Go to ‘Authorization’
- See that ‘Type’ is set to ‘No Auth’
Expected behavior
The ‘Type’ should be set to ‘Inherit auth from parent’ or utilize the security
and/or securitySchemes
properties in the OpenAPI schema.
App information (please complete the following information):
- App Type: Native App
- Postman Version: 7.1.1
- OS: Windows 10
Issue Analytics
- State:
- Created 4 years ago
- Reactions:10
- Comments:9 (2 by maintainers)
Top Results From Across the Web
Grouping requests in collections - Postman Learning Center
Select Collections in the sidebar for the list of collections in a workspace. Contents. Creating collections; Adding requests to a collection.
Read more >Add authorization to an Express.js API application - Auth0
If you have not created an API in your Auth0 dashboard yet, use the interactive selector to create a new Auth0 API or...
Read more >Use Postman with the Microsoft Graph API
Use the Microsoft Graph Postman collection to get started with ... Step 3: Create an Azure AD application; Step 4: Configure authentication ......
Read more >Using OAuth 2.0 with the Google API Client Library for Java
Google APIs support OAuth 2.0 flows for different types of client applications. In all of these flows, the client application requests an ...
Read more >How to get an access token with Authorization Code Grant
Step 1. Request the authorization code ... Before you can make any API calls using Authorization Code Grant, you must get your user's...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
@umeshp7 This behaviour still isn’t useful to me - most of my endpoints do indeed specify an OAuth2 bearer token security scheme. This means that most of my endpoints are still generated with “bearer token” as the auth, and no token set by default. For each endpoint I have to manually set the token. There needs to be some way of just always inheriting auth from parent. If anything, it would be more useful to me to inherit auth from parent when a path does have a security scheme defined, and set to “no auth” if there isn’t one defined.
I’ve just come across this bug too. It’s absurd; inherit from parent is meant to be the default for a reason. Why on earth would you set the default to no auth? If an API requires authentication that’s going to be extremely inconvenient.