Authentication directly in the OpenAPI specification

[aniewielska]

I am opening the issue to start/resume a discussion around authentication requirement for Cloud WS APIs, in this case TES.

• Should TES specification contain authentication requirement (should all compatible implementations support authentication)?
• Which methods should be supported?
• If authentication is a requirement, can it be described directly using [OpenAPI] (https://swagger.io/docs/specification/authentication/) securitySchemes?
• How to ensure compatibility with emerging GA4GH standards such as GA4GH Passports?

Currently TES specification suggests: If authentication is required, we recommend that TES implementations use an OAuth2 bearer token, although they can choose other mechanisms if appropriate. We know of implementations supporting either OAuth2 bearer tokens or Basic Auth.

[kellrott]

There is an example of auth notations in https://github.com/ga4gh/data-repository-service-schemas/blob/master/openapi/data_repository_service.openapi.yaml