How to add AWS authentication to my OPEN API SPEC
I am documenting an existing API with OpenAPI. The API uses AWS authentication. I have been testing the API using postman, where I add Aws access key and Signature in the Auth section of Postman. But on close inspection, it turns out that Postman does some HMAC manipulation on the secret key and then sends it in header. I am not sure how to document this Auth process in the OpenAPI spec? I would prefer the user to be only aware of AWS Access key and secret and not the manipulations/conversions that need to be performed. Is there a way I can document this authentication procedure with OpenAPI?
Regarding Invalid Client on jackhenry DMZ loan Vantage Postman Collection to get access token
I am getting error invalid client as you can see in the attached screenshot, despite after entering the Client_id and Client_secret I should be able to get the access token but getting again and again :- { "error": "invalid client" } does anybody have an idea of this error, because without the access token I won't be able to proceed further so if anyone has any idea or has consumed this, suggest me it would be very helpful For more information I am attaching the Url:- https://jackhenry.dev/jxchange-rest/providers/loanvantage/api-reference/#/Document/DocumentCreate Also I am attaching the screenshot of the documentation of LoanVantage DMZ that I have imported in postman as per the guidelines in the documentation.
Can Swagger UI for Openapi v3 handle arrays in multipart requests?
I have the following Openapi document: { "info": { "description": "This document shows strange behavior in swagger ui", "title": "This document shows a strange behavior in swagger ui", "version": "0.0.0" }, "openapi": "3.0.0", "paths": { "/post": { "post": { "description": "Upload multiple files", "requestBody": { "content": { "multipart/form-data": { "schema": { "properties": { "inputResources": { "items": { "type": "string" }, "type": "array" } }, "type": "object" } } }, "description": "Multipart body to upload files" } } }, }, "servers": [ { "url": "https://httpbin.org" } ] } I want to display it with Swagger UI so I created the following HTML page: <script src="https://unpkg.com/swagger-ui-dist@3/swagger-ui-bundle.js"></script> <script src="https://unpkg.com/swagger-ui-dist@3/swagger-ui-standalone-preset.js"> </script> <script> window.onload = function() { const ui = SwaggerUIBundle({ url: "path/to/above/document", validatorUrl : null, dom_id: '#swagger-ui', deepLinking: true, }) window.ui = ui } </script> <div id="swagger-ui"></div> I get a nice display of my request However when I execute it the following multipart body is sent: ------WebKitFormBoundaryzRaOvYA1aX8T4BXu Content-Disposition: form-data; name="inputResources" ewrr,eeee ------WebKitFormBoundaryzRaOvYA1aX8T4BXu-- As you see the strings are just comma-separated which is not a valid way to encode an array of strings in a multipart body. I would expect a part for each string element to be created like that: ------WebKitFormBoundaryzRaOvYA1aX8T4BXu Content-Disposition: form-data; name="inputResources" ewrr ------WebKitFormBoundaryzRaOvYA1aX8T4BXu Content-Disposition: form-data; name="inputResources" eeee ------WebKitFormBoundaryzRaOvYA1aX8T4BXu-- Even worse when I change the format of the inputResources property to binary to send files instead. "inputResources": { "items": { "format": "binary", "type": "string" }, "type": "array" } This changes the multipart body to the following: ------WebKitFormBoundary5OvyKi6BDAuPKnFm Content-Disposition: form-data; name="inputResources" [object File],[object File] ------WebKitFormBoundary5OvyKi6BDAuPKnFm-- Again I would have expected two parts with the respective file's binary content. Am I assuming correctly that Swagger UI simply does not support arrays yet in multipart request bodies? Or did I do something wrong? Kind regards, Neidhart
Managing Multiple Auth Methods in Swagger UI
Hello everyone, I'm currently working on a Laravel project and facing a challenge with defining multiple authentication types in L5-Swagger. My app uses both HTTP Bearer Token (token) and Laravel Passport (passport). I want passport to act as a fallback only when the token isn't defined. (Purpose of the fallback authentication is protecting our endpoints from unwanted calls with predefined credencials.) I want to instruct Swagger UI to correctly select the preferred token in the request headers. This would ensure that users testing the API through Swagger UI use the appropriate authentication scheme (token) by default unless it’s unavailable, in which case passport should be used. Based on OpenAPI logic, security schemes can be combined using logical OR and AND. Here are my desired rules: Primary: Prefer token for authentication. Fallback: Use passport only if token isn't defined. User-Specific Endpoints: Certain endpoints strictly require the token and, due to mutual exclusivity, will not allow passport. Flexible Endpoints: Other endpoints can accept either token or passport. According to OpenAPI docs, I can structure the security configuration as follows: 'security' => [ [ 'token' => [], ], [ 'passport' => [], ], ], My Questions: Is this the correct way to prioritize token over passport in L5-Swagger? Are there better practices to structure authentication hierarchies in Swagger docs for Laravel applications? Any help or suggestions would be greatly appreciated! Thanks in advance! :) Star
Swagger UI rendering issues
Hi Our team faced following issue https://github.com/springdoc/springdoc-openapi/discussions/2868 after updating to the latest version. For now we are using workaround provided in answers of this thread and related issue. But, it would be nice to have Swagger UI rendering correction for OpenAPI 3.1. Thank you
Modify base URL
How can I modify the base URL in Swagger UI that is used to concatenate with the service endpoints? For example, we use this URL to access Swagger in our project: https://mydomain.com/AR900115//apidoc/catalogo.html, and in the .yaml configuration file, we only have the following defined in the servers section: This causes an issue because every time we try to test an API in Swagger, we get a 400 error since it constructs the URL incorrectly, like this: https://mydomain.com/web/api/v1/jerarquiaMkt/?CodScan=1010, Instead, it should be: https://mydomain.com/AR900115/web/api/v1/jerarquiaMkt/?CodScan=1010 (In this example, the API being tested is jerarquiaMkt)
Swagger UI - Documentation for end user?
Is there any general documentation on navigating Swagger UI for end users? We've written our own, but I would like to also link to any existing guide that gives an overview of the Swagger UI. I'm hoping SmartBear has something out there like this, but a bit more detailed. Topics might include: An overview of the page layout. Example Value vs. Schema (under the Responses area), how to navigate them. What GET vs. POST vs. PUT vs. DELETE buttons do, generally speaking. The Schemas area at the bottom, why it's useful, and how to navigate it. Thanks!Swagger Cors Issue
Hi Team, I have deployed my springboot project in Cloud platform but when i try to hit the api using swagger at that time I'm getting the below error I have allowed the crossOrigin also and I not included spring security also it is working in post man same i gave public url Can anyone help me out in this issue
