swagger security oauth2 authorisation code workflo...

rrs-james · ‎02-22-2021

Hello

I am new here but have been struggling with a problem on swagger.

I am getting a Fetch error when I try and authorise using oauth2 with authorisation code flow.

The problem is with CORS and because when using swagger the Origin header is not being set.

My question is fairly simple but I can not find the answer anywhere.

Where/how can I set the request headers for the authorise call in swagger ui?

KR,

James Hudson

saiyajin · ‎03-19-2021

Hi

In your case I might suggest you 2 solutions:

Use proxy mode. You can enable proxy settings in the bottom of your specification on SwaggerHub OpenAPI editor page. Here is an image for clarification.
If you route the request via browser, then you should allow CORS requests in the configuration of your server. CORS uses special HTTP headers to allow cross-domain requests. The "try it out" feature requires the following headers in API responses:

Access-Control-Allow-Origin: https://app.swaggerhub.com
Vary: Origin

Since you are sending request from SwaggerHub, the origin value is https://app.swaggerhub.com

If you are expecting a request from any origin while using a wildcard in the response header, you should disable credentials on SwaggerHub OpenAPI editor page (check the bottom settings in the previous screenshot).

Also, I would like to recommend you the this article on CORS to get into SwaggerHub.

swagger security oauth2 authorisation code workflow request headers

swagger security oauth2 authorisation code workflow request headers

Re: swagger security oauth2 authorisation code workflow request headers

Repeatable request fields with different values

Pitfalls when publishing an API referencing Domain...

Publish standarization rules using registry API or...

OpenAPI3.0 and ENUM

Error installing swagger locally