Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Info

This configuration is case-sensitive and must be a valid JSON document.


Below is a simple example of a single security using a single scheme.  This example is using API Key Authentication.

  • The "name" of the security scheme can be anything, below the name this one "MyAPIKey".
  • Notice that "MyAPIKey" is defined as an "apiKey" type, and requires a property named "X-API-KEY" in the header.
  • Also, to enable this scheme authentication, it must be included in the "security" section and the name must exactly match.

...

Code Block
languagejs
title An example of a configuration that secures all APIs to require an API key credentials
{
  "openapi": "3.0.3",
  "info": {
    "title": "My Company APIs",
    "version": "2.1.6"
  },
  "components": {
    "securitySchemes": {
      "MyAPIKey": {
        "type": "apiKey",
        "in": "header",
        "name": "X-API-KEY"
      }
    }
  },
  "security": [
    {
      "MyAPIKey": []
    }
  ]
}


Below is another simple example of a single security using a single scheme.  This example is using User/Password Authentication.

  • The "name" of the security scheme can be anything, below the name this one "User".
  • Notice that "User" is defined as a "http" type with scheme basic.  This means it requires the caller to send an encoded basic User/Password value for "Authorization" in the header.
  • Also, to enable this scheme authentication, it must be included in the "security" section and the name must exactly match.

...

Code Block
languagejs
title An example of a configuration that secures all APIs to require User/Password credentials
{
  "openapi": "3.0.3",
  "info": {
    "title": "My Company APIs",
    "version": "2.1.6"
  },
  "components": {
    "securitySchemes": {
      "User": {
        "type": "http",
        "scheme": "basic"
      }
    }
  },
  "security": [
    {
      "User": []
    }
  ]
}


Below is another simple example of a single security using a single scheme.  This example is using IBMi User/Password Authentication..

Code Block
languagejs
title An example of a configuration that secures all APIs to require IBMi User/Password credentials
{
  "openapi": "3.0.3",
  "info": {
    "title": "My Company APIs",
    "version": "2.1.6"
  },
  "components": {
    "securitySchemes": {
      "IBMiUser": {
        "type": "http",
        "scheme": "basic",
		"x-ibmi": true
      }
    }
  },
  "security": [
    {
      "IBMiUser": []
    }
  ]
}


Below is an example that shows how you can use multiple schemes.

  • In the "security" section, there is still a single array element, however there it has two properties: "AppKey" and "ClientID"

...

Code Block
languagejs
title An example of a configuration that secures all APIs to require two API credentials
{
  "openapi": "3.0.3",
  "info": {
    "title": "My Company APIs",
    "version": "2.1.6"
  },
  "components": {
    "securitySchemes": {
      "AppKey": {
        "type": "apiKey",
        "in": "header",
        "name": "AppKey"
      },
      "ClientID": {
        "type": "apiKey",
        "in": "header",
        "name": "ClientID"	
      }
    }
  },
  "security": [
    {
      "AppKey": [],
      "ClientID": []
    }
  ]
}


For advanced requirements

Below is an example of how you can combine different schema along with different securities. 

...