Ask a Question
Log In / Sign Up
Choose a Product Community
AlertSite
AQTime Pro
BitBar
Collaborator
CrossBrowserTesting
Cucumber Open Source
CucumberStudio
LoadComplete
LoadNinja
QAComplete
ReadyAPI
SoapUI Open Source
Swagger Open Source
SwaggerHub
Swagger Inspector
TestComplete
TestLeft
Zephyr Scale
Zephyr Squad
Zephyr Enterprise
Resources
Ask a Question
Log In Sign Up

Swagger with on-prem deployment

SOLVED
Solved
jsrat10
New Contributor
‎12-27-2018 08:46 AM
‎12-27-2018 08:46 AM

Swagger with on-prem deployment

Our application is Microsoft stack. We deploy our application in the client environment. We want to turn off the swagger when deploying on the clients infrastructure. If we keep config change in the app.config or database, the end client can easily turn on the swagger and view all our private apis. They also have admin access to the DB. Is there a secured way of turning off the swagger for the on-prem deployment?

0 Kudos
6 REPLIES 6
RonRatovsky
Moderator
Moderator
‎12-27-2018 08:53 AM
‎12-27-2018 08:53 AM

Which Swagger tool are you referring to?


Did my reply answer your question? Give Kudos or Accept it as a Solution to help others.↓↓↓↓↓
0 Kudos
jsrat10
New Contributor
In response to RonRatovsky
‎12-27-2018 10:16 AM
‎12-27-2018 10:16 AM

Swagger UI for API documentation

0 Kudos
RonRatovsky
Moderator
Moderator
In response to jsrat10
‎12-27-2018 11:03 AM
‎12-27-2018 11:03 AM

In that case, either don't deploy Swagger UI as part of your overall deployment, or if it's embedded in your code, configure it such it is is not hosted. The way to do that would vary depending on the framework you use, but eventually, Swagger UI is a collection of HTML/CSS/JS files that are statically exposed.


Did my reply answer your question? Give Kudos or Accept it as a Solution to help others.↓↓↓↓↓
0 Kudos
jsrat10
New Contributor
In response to RonRatovsky
‎12-27-2018 06:40 PM
‎12-27-2018 06:40 PM

Hi Ron,

 

Thank you.  The way we set it up is,

 

1. Installed nswag nuget on web api project
2. Added configuration in Startup.cs
3. Navigate to /swagger endpoint

0 Kudos
RonRatovsky
Moderator
Moderator
In response to jsrat10
‎12-28-2018 07:49 AM
‎12-28-2018 07:49 AM

Thanks for the information. So you're getting Swagger UI installed as part of nswag. Unfortunately, nswag is not one of our projects so I'm not familiar with its configuration options and whether they offer a way to disable expsosing things through configuration.

 

Your best bet is to go through the documentaiton of nswag (https://github.com/RSuter/NSwag), and if no information is available, file a ticket with them for further support.


Did my reply answer your question? Give Kudos or Accept it as a Solution to help others.↓↓↓↓↓
jsrat10
New Contributor
In response to RonRatovsky
‎12-28-2018 08:54 AM
‎12-28-2018 08:54 AM

Thank you so much Ron for your help.  Really appreciate it.

0 Kudos
Subscribe
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: