I am documenting an existing API with OpenAPI. The API uses AWS authentication. I have been testing the API using postman, where I add Aws access key and Signature in the Auth section of Postman. But on close inspection, it turns out that Postman does some HMAC manipulation on the secret key and then sends it in header.
I am not sure how to document this Auth process in the OpenAPI spec?
I would prefer the user to be only aware of AWS Access key and secret and not the manipulations/conversions that need to be performed.
Is there a way I can document this authentication procedure with OpenAPI?