How to specify security schemes for API Endpoints

[kushal-ti]

Hi, first of all, i just want to say this is in an incredibly useful tool and has made my life much easier.

I was wondering if there's a way to specify the required security schema for an API route, such as bearer Auth for example yet. For instance, with the apispec flask plugin, you can specify security schema in the docstring of the method as seen here https://apispec.readthedocs.io/en/latest/#example-application.

I have added bearer auth to my swagger definition itself, using the following code

bearer_auth = {"type": "http", "scheme": "bearer"}
spec.components.security_scheme("Auth", bearer_auth)

which has resulted in my rendered API Swagger looking as such

But i can't figure out how to add the bearer auth as a security to specific routes

I've been through the source code and far as i can tell there isn't an inbuilt way to do this already, but just wanted to confirm. If it is not, i'd like to contribute the same if you're accepting PRs

[kushal-ti]

Update, i looked into it and it was a very basic edit, just 2 lines of code changes, so i made them anyway, have raised a pull request here https://github.com/TestBoxLab/chalice-spec/pull/17

Please do review and merge if acceptable

[jakemwood]

Hi @kushal-ti ! Sorry for the delay here. This has been released in v0.7.0!