Showing results for 
Search instead for 
Did you mean: 

Securing the default page of OpenAPI documentation

Occasional Visitor

Securing the default page of OpenAPI documentation

Dear community,


I am trying to generate OpenAPI documentation for my existing .net core Web API's. The Web API's are protected by AAD B2C (by OAuth 2.0 spec). But when implementing the open API documentation, the default documentation page popping up without any credential verififcaiton. Since my requirement is to make the default page that lists the titles and documentation as well need an authentication before displaying that page.


I was thinking to have separate authorization filter for documentation path, but how to configure the handshaking part of OAuth is looking grey to me. 


Could someone help me on this?





Re: Securing the default page of OpenAPI documentation

Swagger UI at the end is a set of static assets being served by your application. Acess control is not within its features and you'd need to configure that the same way you'd configure it for any other static asset within your application.

Did my reply answer your question? Give Kudos or Accept it as a Solution to help others.↓↓↓↓↓
New Here?
Join us and watch the welcome video:
Top Kudoed Authors
Top Kudoed Posts