Swagger 2.0 or OpenAPI 3 definition challenge

I have an HTTP POST and Graph QL based authentication endpoint that takes the following parameters: 1. API_subscription_key (Header) 2. Content-Type: application/graphql (Header) 3. Query (QueryString), that looks like:

?query={getAccessToken(clientId: "abc",clientSecret: "xyz"){accessTokenFormat accessToken expiresOn}}

I am building an API that uses Oauth 2 clientCredentials flow, to fetch the token from the above authentication endpoint and calls the subsequent APIs with the token to fetch data. How do I define the above securitySchemes using Open API 3 or Swagger 2.0? I tried defining like below but the swagger UI only shows Client ID, Client Secret text boxes and give an "Auth ErrorTypeError: Failed to fetch" when I input the client ID and client secret.

components:
  securitySchemes:
    myAPI_auth:    
      type: oauth2
      flows:
        clientCredentials:   
          tokenUrl: https://baseURL/graphql
          scopes:
            read_data: read the data

Swagger Editor

Swagger UI

Forum Discussion

Swagger 2.0 or OpenAPI 3 definition challenge

Related Content

How to express an array in a swagger definition

Unable to load swagger definition in Swagger Editor

Swagger Definition object default value

SSL Certificate error while trying to import swagger definition

Failed to load API definition

Recent Discussions

GROUPING CONTROLLERS INTO SEPARATE SWAGGER UI PAGES

oneOf or anyOf for the header schema

Should the Curl command show the path to the file to be uploaded

ID_TOKEN as the header in the Google OAUTH2.0

How to hide an endpoint from openaopi 3.0