Optional Authentication or "Demo User"
Hello,
I had an idea for an API we are developing and I was wondering if anyone has done this before or would know whether it is possible.
Essentially, we have a generic user set up which has access to some demo data.
We'd like to use this user to give our consumers a preview of what is available in our API. This will help them decide whether it meets their needs or not without having to actually sign them up as API consumers.
I was wondering if there is any way to have the demo user authenticated on load of the Swagger Documentation while retaining the option for users to sign in with their consumer account once they are onboarded to see data more pertinent to them?
Essentially this would provide a demo mode for potential consumers where they could still explore all of the endpoints. This will be an internal facing API within our company and would only be required for our non-prod environments.
If this isn't possible, is there any way to accomplish something similar or is it better to provide potential consumers with the demo user credentials?
This is a very common use case for SwaggerHub customers that I work with.
However, there is no way in OAS to pre-populate the Authorization pop-up fields in swagger-ui for SwaggerHub.
Both the swagger-ui panel for Try-It and the swagger-docs page will display and open the Authorization pop-up, but i cannot find any mechanism to pre-populate the fields within.
One (not very sustainable) solution comes to mind. Have 2 copies (or versions) of the Spec in SwaggerHub:
- Copy 1 for serious Consumers where they enter their credentials as normal.
- Copy 2 for the "casual browsers" where you have added a hard-coded Basic Auth or JWT Authorization HEADER to the path methods and no Security tag. You cannot easily do this for the OAuth security schemas.
Most customers simply provide the "demo" credentials in the $.info.description section of the Spec (usually bold and large font) with the caveat that users with their own credentials should use those in the Authorization pop-up.
