Securing the default page of OpenAPI documentation
I am trying to generate OpenAPI documentation for my existing .net core Web API's. The Web API's are protected by AAD B2C (by OAuth 2.0 spec). But when implementing the open API documentation, the default documentation page popping up without any credential verififcaiton. Since my requirement is to make the default page that lists the titles and documentation as well need an authentication before displaying that page.
I was thinking to have separate authorization filter for documentation path, but how to configure the handshaking part of OAuth is looking grey to me.
Re: Securing the default page of OpenAPI documentation
Swagger UI at the end is a set of static assets being served by your application. Acess control is not within its features and you'd need to configure that the same way you'd configure it for any other static asset within your application.