Swagger UI Authentication Header

Sara Tibbetts Source

Currently I have a process that a user can go through to get a JSON Web Token (JWT). This JWT is then used to set the X-Access-Token header for all http requests to the API. I am having trouble figuring out how to do this.

I believe it is possible to add to api_definition.yaml so that a field comes up where the user can enter their JWT, and this can then be added as a header to all the calls.


Solution Attempts

I added the following to api_definition.yaml

securityDefinitions:
  UserSecurity:
    type: apiKey
    in: header
    name: X-Access-Token

security: [ { jwt: [] } ]

This doesn't seem to change anything in the Swagger-UI and I'm not entirely sure how to make it so that the user can input their key?

jwtswaggerswagger-uiapi-key

Answers

answered 1 year ago Helen #1

The security scheme name in the security key must match the name used in securityDefinitions:

securityDefinitions:
  UserSecurity:
    type: apiKey
    in: header
    name: X-Access-Token

security:
  - UserSecurity: []

Then you should see the Authorize button in the Swagger UI header.

comments powered by Disqus