cancel
Showing results for 
Search instead for 
Did you mean: 

How to document API that uses OAuth2 and bearer auth?

SOLVED
Highlighted
Visitor

How to document API that uses OAuth2 and bearer auth?

I've been looking at the authentication docs and I'm a bit confused.

 

Our API uses Auth2 to get an access token, both through client-side redirect and JWT assertions. 

 

It then uses the access token as a bearer token to authenticate each API call.

 

So here is the question: do I specify this is a bearer token security scheme, or an OAuth2 security scheme?

 

 

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Moderator

Re: How to document API that uses OAuth2 and bearer auth?

Hi cbetta,

 

When you use OAuth 2.0, the Authorization header will look like:

Authorization: Bearer <some value>

 

Also, the Bearer authentication scheme was originally created as part of OAuth 2.0 in RFC 6750

 

 



Learn SmartBear products in a fun and easy way and prove your knowledge!
>>Participate in the TechCorner Challenge today

View solution in original post

1 REPLY 1
Highlighted
Moderator

Re: How to document API that uses OAuth2 and bearer auth?

Hi cbetta,

 

When you use OAuth 2.0, the Authorization header will look like:

Authorization: Bearer <some value>

 

Also, the Bearer authentication scheme was originally created as part of OAuth 2.0 in RFC 6750

 

 



Learn SmartBear products in a fun and easy way and prove your knowledge!
>>Participate in the TechCorner Challenge today

View solution in original post

New Here?
Join us and watch the welcome video: