Forum Discussion

LNTHAI2002's avatar
LNTHAI2002
Regular Visitor
12 months ago

authentication header required to fetch api-docs

Hello,

I have a multitenant application that uses springdoc-openapi-starter-webmvc-ui. The swagger-ui is hosted at an endpoint that accept the tenant name though URL query string (https://mycompany.com/api-manager?tenant=tenant1). When the swagger-initializer.js is loaded, SwaggerUIBundle is init with configUrl pointing to a tenant awared endpoint like https://mycompany.com/api-config?tenant=tenant1. This config endpoint will return a json containing the URL of the tenant api-docs like this:

{
  "docExpansion": "none",
  "tagsSorter": "alpha",
  "validatorUrl": "",
  "url": "https://tenant.mycompany.com/tenant1/v3/api-docs"
}


I have 2 problems here:

1. the api-docs of the tenant is protected thus, for the swagger-ui to fetch the api-docs it needs to send a special header "access-token". How can I make the swagger config json for swagger-ui to send this token when fetching the api-docs.

2.as you can see, the swagger-ui is not at the same domain as the tenant api-docs, thus i will have CORS error when swagger-ui trying to fetch api-docs, is there a way to tell swagger-ui to allow CORS request to other domain?
Hope to get some help soon.

Regards

No RepliesBe the first to reply