Forum Discussion

LNTHAI2002's avatar
Regular Visitor
12 months ago

authentication header required to fetch api-docs


I have a multitenant application that uses springdoc-openapi-starter-webmvc-ui. The swagger-ui is hosted at an endpoint that accept the tenant name though URL query string ( When the swagger-initializer.js is loaded, SwaggerUIBundle is init with configUrl pointing to a tenant awared endpoint like This config endpoint will return a json containing the URL of the tenant api-docs like this:

  "docExpansion": "none",
  "tagsSorter": "alpha",
  "validatorUrl": "",
  "url": ""

I have 2 problems here:

1. the api-docs of the tenant is protected thus, for the swagger-ui to fetch the api-docs it needs to send a special header "access-token". How can I make the swagger config json for swagger-ui to send this token when fetching the api-docs. you can see, the swagger-ui is not at the same domain as the tenant api-docs, thus i will have CORS error when swagger-ui trying to fetch api-docs, is there a way to tell swagger-ui to allow CORS request to other domain?
Hope to get some help soon.


No RepliesBe the first to reply