Forum Discussion

w00x's avatar
w00x
Visitor
3 years ago

Custom headers for oatuh2 clientCredentials

Hello!!   Im creating a YAML in SwagerHub and I want add custom header (it is necessary for the internal functioning of the app) in a security ouath2 of type clientCredentials but I not foud anythi...
ponelat's avatar
ponelat
Icon for Staff rankStaff
3 years ago

Hi w00x 

 

In addition to the stuff you can add with security (docs here https://swagger.io/docs/specification/authentication/ ). You can also describe that requests need special headers, by using (header) parameters https://swagger.io/docs/specification/describing-parameters/#header-parameters

 

It's also possible to use the `apiKey` type of security to require a header, something like the following might work...

 

openapi: 3.0.3
info:
  title: Foo
  version: 1.0.0
  
paths: 
  /foo:
    get:
      description: ok
      security: 
      - sec1: []
      - sec2: []
      responses:
        default:
          description: ok

components:
  securitySchemes:
    sec1:
      type: oauth2
      flows:
        clientCredentials:
          tokenUrl: example.com
          scopes: {}
    sec2:
      type: apiKey
      in: header
      name: 'Some-Header'