swagger OAuth2

Hi. I have a node.js api, using swagger. I am trying to add security around each method to authenticate the user. 

Using AWS Cognito user pool to authenticate users.

I am using swagger 2.0.


I have securityDefinitions set up in my JSON:

  "securityDefinitions": {
    "Bearer": {
      "type": "oauth2",
      "flow": "accessCode",

I also have security set up for all methods:

  "security": [],

I am not sure I understand the flow correctly, as OAuth2 has 2 basic steps: 1) authenticate username/password, send back CODE (authorizationUrl); 2) get JWT from code (tokenUrl).

My app is getting the CODE back from the authorizationURL, but swagger does not know what to do with the redirect or how to call the tokenUrl to get the JWT.

I would like some help so that on my swagger page, the user clicks the Authorize button, enters user credentials and grabs the JWT needed to pass in the header in the API calls.

Thanks for any help and guidance.

Hi @staylor2916396,


What Swagger library are you using in Node.js? Swagger (and OpenAPI) are about describing your APIs, and then using that definition to do fancy things like routing, validation, etc. 

In Node.js case, I would imagine you'd want to look at something like for handling authentication on the code level. 


On another point, having `security: []` doesn't add your security. You need to reference it by name, like `security: [ { Bearer: [] } ]`. See "Apply Security" in for some more info there.
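
The point made in the reply above, as an added example that is not part of the original thread: a small Node.js check that flags operations in a Swagger 2.0 document with no effective security requirement, requirements that name an undefined scheme, and `accessCode` schemes missing a required field. The function name `lintSecurity`, the `/users` path, the `auth.example.com` URLs and the scope are constructed for illustration.

```javascript
// Added example (not from the thread): lint a Swagger 2.0 document for security gaps.
const METHODS = ["get", "put", "post", "delete", "options", "head", "patch"];

function lintSecurity(doc) {
  const findings = [];
  const defs = doc.securityDefinitions || {};
  // Swagger 2.0: an oauth2 accessCode scheme needs both endpoints plus scopes.
  for (const [name, def] of Object.entries(defs)) {
    if (def.type !== "oauth2" || def.flow !== "accessCode") continue;
    for (const key of ["authorizationUrl", "tokenUrl", "scopes"]) {
      if (!def[key]) findings.push(`securityDefinitions.${name}: missing ${key}`);
    }
  }
  for (const [path, item] of Object.entries(doc.paths || {})) {
    for (const method of METHODS.filter((m) => item[m])) {
      const op = item[method];
      // Operation-level "security" overrides the top-level array.
      const reqs = op.security !== undefined ? op.security : doc.security;
      const where = `${method.toUpperCase()} ${path}`;
      if (!Array.isArray(reqs) || reqs.length === 0) {
        findings.push(`${where}: no security requirement applies`);
        continue;
      }
      for (const name of reqs.flatMap((r) => Object.keys(r))) {
        if (!defs[name]) findings.push(`${where}: undefined scheme "${name}"`);
      }
    }
  }
  return findings;
}

// Constructed sample: placeholder URLs, hypothetical /users path.
const weakDoc = {
  swagger: "2.0",
  securityDefinitions: {
    Bearer: {
      type: "oauth2",
      flow: "accessCode",
      authorizationUrl: "https://auth.example.com/oauth2/authorize",
      tokenUrl: "https://auth.example.com/oauth2/token",
      scopes: { openid: "constructed scope" },
    },
  },
  security: [], // the empty array from the question: nothing is enforced
  paths: { "/users": { get: { responses: { 200: { description: "ok" } } } } },
};
// Same document with the scheme referenced by name.
const fixedDoc = { ...weakDoc, security: [{ Bearer: [] }] };

console.log(lintSecurity(weakDoc), lintSecurity(fixedDoc));
```

Scheme names are compared case-sensitively, so a requirement written as `bearer` against a definition named `Bearer` is reported as undefined.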

