I have uploaded a swagger openAPI 3.0.0 standard yaml file to the Apigee Portal. I have a security scheme that requires a Bearer token. But after uploading the document > going to the live portal > Clicking on Api's > then Authorization, I notice that it changes to basic authorization (which means I need to insert a username and password)
How can I fix this? It seems like a bug from Apigee portal.
Solved! Go to Solution.
The below format works for me. I tried.
swagger: '2.0'
info:
version: 1.0.0
title: Based on "Basic Auth Example"
description: >
An example for how to use Auth with Swagger.
host: basic-auth-server.herokuapp.com
schemes:
- http
- https
securityDefinitions:
Bearer:
type: apiKey
name: Authorization
in: header
paths:
/:
get:
security:
- Bearer: []
responses:
'200':
description: 'Will send `Authenticated`'
'403':
description: 'You do not have necessary permissions for the resource'
Did you try like below?
openapi: 3.0.0 ... # 1) Define the security scheme type (HTTP bearer) components: securitySchemes: bearerAuth: # arbitrary name for the security scheme type: http scheme: bearer bearerFormat: JWT # optional, arbitrary value for documentation purposes # 2) Apply the security globally to all operations security: - bearerAuth: [] # use the same name as above
refer: https://swagger.io/docs/specification/authentication/bearer-authentication/
Yes. I don't see much difference. Here is a copy of my security schemes. The top 2 are behaving exactly like the last one
securitySchemes: bearerAuth_apigee: scheme: bearer type: http bearerFormat: JWT bearerAuth_auth0: scheme: bearer type: http bearerFormat: JWT api_key: type: apiKey name: x-api-key in: header basicAuth: type: http scheme: basic
Is it working for you?
I didn't test this. Will let you know after testing.
The below format works for me. I tried.
swagger: '2.0'
info:
version: 1.0.0
title: Based on "Basic Auth Example"
description: >
An example for how to use Auth with Swagger.
host: basic-auth-server.herokuapp.com
schemes:
- http
- https
securityDefinitions:
Bearer:
type: apiKey
name: Authorization
in: header
paths:
/:
get:
security:
- Bearer: []
responses:
'200':
description: 'Will send `Authenticated`'
'403':
description: 'You do not have necessary permissions for the resource'
This works. Though not perfect, since I'd need to add the word Bearer before the token. But it's good enough. Thanks
The workaround worked for me as well but the solution is a little misleading for end users.
The Authorization window is showing API Key Auth instead of bearer Token.
When using swagger: "2.0", the portal does not allow type: "http". Only basic, apiKey, oauth2 are allowed. Hence, the workaround is to use type: "apiKey" and name it as Bearer.
When using openapi: "3.0.x", the portal should allow type: "http" and scheme: "bearer" which accurately represents Bearer token auth.
The above behavior is consistent in Swagger Editor.
I am facing one issue in apigeex portal - Authorize button is not visible when using OpenAPI 3.0.0 standard using SecuritySchemes. When I use the yaml in swagger editor it shows the Authorize button with all the schemes however APIGEEX Portal is not showing the authorize button. I do not want to use Swagger 2, I need to use OPANAPI 3.0.0 or above
Can anyone please help me.
Please post a new question. click the button in the upper right corner.