Stoplight Bug: Authorization Scheme
Originally posted by user jonbatscha-klaviyo to the Stoplight Community on 02/05/2023 at 21:47 ET.
Hey team,
We recently started using stoplight for API design, and are currently evaluating whether it is a good fit for hosting our API docs. In the course of exploring this, we came across the following bug:
We define our Auth as follows:
"securitySchemes": {
"Klaviyo-API-Key": {
"type": "apiKey",
"in": "header",
"name": "Authorization",
"description": "Private key authentication for /api/ endpoints is performed by setting the Authorization header to Klaviyo-API-Key your-private-api-key<br>For more information please visit https://developers.klaviyo.com/en/v2023-01-24/reference/api-overview#authentication",
"x-default": "Klaviyo-API-Key your-private-api-key"
}
}
This renders correctly in the platform we are currently using (please see readme.png attached)
However, this renders incorrectly when imported into stoplight, both in the API-level view, as well as the endpoint view (please see stoplight-api.png and stoplight-endpoint.png, attached)
Please let me know if:
- there's any way we can get around this bug by refactoring the way we declare this auth scheme
- or, if you can add this bug fix to your roadmap.
We love most other aspects of stoplight, but this bug and the non-deterministic-URLs are currently blocking us from adopting it further. Thanks!
Cheers,
Jon