Treatment of x-requested-with header

I have an existing REST service and a hosting server that requires the x-requested-with header to accept requests. And I need to define the swagger document for this service.

I don't want to include this x-requested-with header in the application's description because it is not part of the application's API but rather of the hosting server. At the same time, I would like to make the swagger clients such as swagger-ui (e.g., when the swagger file is retrieved from the hosting server and opened in swagger-ui) be able to include this header when making requests.

Unfortunately, swagger-ui does not allow a non-declared header to be added to the requests. So, one approach would be to add a dummy apiKey security definition in the swagger file as in

    "securityDefinitions": {
...
        "XRequestedWith": {
            "type": "apiKey",
            "in": "header",
            "name": "x-requested-with"
        }
    },
    "securityRequirement": [
...
        {
            "XRequestedWith": []
        }
    ]

and activate this apiKey to force including this header. Would this be a recommended approach or are there better approaches?

Regards, aki

Forum Discussion

Treatment of x-requested-with header

Recent Discussions

Json and Xml example with inheritance

OpenApi Spec for AWS ApiGateway doesn't allow 1 attribute to read its value dynamically

openapi codegen doesn't match swagger for xml array

Related Content

how to send a post request with x-www-form-urlencoded (adaptation from postman request)

Missing header

Missing Required Headers error