cancel
Showing results for 
Search instead for 
Did you mean: 

Cookie Authentication

SOLVED
New Contributor

Cookie Authentication

As per the SwaggerHub documentation, I have created a login API which sends back a Session Id by setting a cookie. The YAML is as follows

      responses:
        '200':
          description: >
            Successfully authenticated.
            The session ID is returned in a cookie named `IPPE_SESSION_ID`. You need to include this cookie in subsequent requests.
          headers: 
            Set-Cookie:
              schema: 
                type: string
                example: IPPE_SESSION_ID=abcdef12345abcdef12345

On line 4 it says you need to include this cookie in subsequent requests. Does this mean I have to define a cookie parameter in my other API calls or is this automatically sent through being in the cookie and having an apiKey authentication set up as follows

components:
  securitySchemes:
    SessionAuth:            # arbitrary name for the security scheme
      type: apiKey
      in: cookie
      name: IPPE_SESSION_ID  # name of the cookie

And I have a global security statement for the SessionAuth.

 

So, for all the other API calls listed under the different paths/actions, do I need to have a parameter declaration for the session id cookie or is this automatic? And what if I want to define more API's - can I refer back to the authentication defined under this API?

 

TIA

 

Andy

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Moderator

Re: Cookie Authentication

You don't need to define it as a parameter, but you do need to define the 'security' at the top level or operations to apply the securityScheme. Check out Step 2 in https://swagger.io/docs/specification/authentication/.

1 REPLY 1
Highlighted
Moderator

Re: Cookie Authentication

You don't need to define it as a parameter, but you do need to define the 'security' at the top level or operations to apply the securityScheme. Check out Step 2 in https://swagger.io/docs/specification/authentication/.

New Here?
Join us and watch the welcome video: