search

airtasker / spot

Spot is a concise, developer-friendly way to describe your API contract.
Other
553 stars 38 forks source link

Support enhanced security headers #1004

Open mahirk opened 3 years ago

mahirk commented 3 years ago

Is your feature request related to a problem? Please describe. An organization may have one more security strategies, that also may be specific to a certain flow. These may also extend to various types such as api key, openID or OAuth. In my case, I would like to define 2 security schemes, apply one globally, but apply the second selectively.

Describe the solution you'd like

Smaller Fixes

  1. Allow multiple security schemes to be defined with custom names
  2. Allow security headers for individual requests

Longer Term

  1. Allow for more authentication flows and permission boundaries

Describe alternatives you've considered Unfortunately there was no work around to this.

Additional context Flows: https://swagger.io/docs/specification/authentication/

josemf commented 2 years ago

This would be a great enhancement,

I had to manually put some content in the generated yml file to support the security headers I was requiring and while that didn't stopped me from using Spot for everything else, it would be great to have it as a feature.

Thank you!