Ask a Question

How to add AWS authentication to my OPEN API SPEC

Occasional Visitor

How to add AWS authentication to my OPEN API SPEC

I am documenting an existing API with OpenAPI. The API uses AWS authentication.  I have been testing the API using postman, where I add Aws access key and Signature in the Auth section of Postman. But on close inspection, it turns out that Postman does some HMAC manipulation on the secret key and then sends it in header. 


I am not sure how to document this Auth process in the OpenAPI spec? 

I would prefer the user to be only aware of AWS Access key and secret and not the manipulations/conversions that need to be performed.


Is there a way I can document this authentication procedure with OpenAPI? 

SmartBear Alumni (Retired)

OpenAPI does not have special support for AWS signatures. It can only be defined as a genetic Authorization header:

      type: apiKey
      in: header
      name: Authorization

  - awsSigV4: []


But Swagger UI provides requestInterceptor to change outgoing requests, which can be used to calculate the AWS signature similar to how Postman does this. Check out these posts:

How to calculate AWS signature V4 in Swagger before request

SwaggerJS/API Explorer using AWS Sigv4 authentication on Amazon API Gateway


Hope this helps!

Helen Kosova
SmartBear Documentation Team Lead
Did my reply answer your question? Give Kudos or Accept it as a Solution to help others. ⬇️⬇️⬇️
Showing results for 
Search instead for 
Did you mean: