Forum Discussion

Stoplight's avatar
Community Manager
5 months ago

Stoplight Bug: Authorization Scheme

Originally posted by user jonbatscha-klaviyo to the Stoplight Community on 02/05/2023 at 21:47 ET.

Hey team,

We recently started using stoplight for API design, and are currently evaluating whether it is a good fit for hosting our API docs. In the course of exploring this, we came across the following bug:

We define our Auth as follows:

    "securitySchemes": {
      "Klaviyo-API-Key": {
        "type": "apiKey",
        "in": "header",
        "name": "Authorization",
        "description": "Private key authentication for /api/ endpoints is performed by setting the Authorization header to Klaviyo-API-Key your-private-api-key<br>For more information please visit",
        "x-default": "Klaviyo-API-Key your-private-api-key"


This renders correctly in the platform we are currently using (please see readme.png attached)

However, this renders incorrectly when imported into stoplight, both in the API-level view, as well as the endpoint view (please see stoplight-api.png and stoplight-endpoint.png, attached)

Please let me know if:

  1. there's any way we can get around this bug by refactoring the way we declare this auth scheme
  2. or, if you can add this bug fix to your roadmap.

We love most other aspects of stoplight, but this bug and the non-deterministic-URLs are currently blocking us from adopting it further. Thanks!


No RepliesBe the first to reply