heldersepu / Swagger-Net

Seamlessly adds a swagger to WebApi projects!
BSD 3-Clause "New" or "Revised" License

ApiKey and Bearer token #92

Closed lsiepel closed 4 years ago

lsiepel commented 5 years ago

When using ApiKey, the Bearer part is missing and I don't see a way to add it. `c.ApiKey("Authorization", "header", "Filling bearer token here");`

The header contains: Authorization: [token]

Should be: Authorization: Bearer [token]

As a workaround I copy-paste the Bearer part into the input box in the UI, but the API consumers tend not to read or forget, so I would like to have this Bearer part inserted.

Of course, all of this is while waiting for a real openidconnect (client_credential) flow.

heldersepu commented 5 years ago

Do you have a link to official documentation showing that?

I used the ApiKey and did not need that: https://github.com/heldersepu/TuroApi/blob/b4c6daac3fed5c75793a796d8bf8581449b56775/TuroApi/App_Start/SwaggerConfig.cs#L67

lsiepel commented 5 years ago

Can't find the official documentation, but all examples that I can find have this 'bearer' keyword added. Devblog with example header: https://devblogs.microsoft.com/aspnet/jwt-validation-and-authorization-in-asp-net-core/

Found some real documentation: https://docs.microsoft.com/en-us/aspnet/web-api/overview/security/individual-accounts-in-web-api

// If we already have a bearer token, set the Authorization header.
var token = sessionStorage.getItem(tokenKey);
var headers = {};
if (token) {
    headers.Authorization = 'Bearer ' + token;
}

You probably didn't need it because you didn't use openidconnect.

bking-panasonic commented 4 years ago

The authorization header can be different based on what type of authentication scheme you're looking to use.

EX. [Basic Auth](https://swagger.io/docs/specification/authentication/basic-authentication) [Bearer Auth](https://swagger.io/docs/specification/authentication/bearer-authentication)

heldersepu commented 4 years ago

Closing issue based on last comment. The Bearer part (authorization header) should be entered at the input box in the UI by end users.
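
Because the thread leaves the `Bearer` prefix to whoever types into the UI, the API side can reject a bare token explicitly rather than fail obscurely. The following is an added example, not code from this thread or from Swagger-Net; `parseAuthorization`, `challengeFor` and the error labels are hypothetical names, and the sample header values in the comments are constructed.

```javascript
// Added example: strict server-side parsing of the Authorization header.
// All names here are hypothetical; nothing below is Swagger-Net API.

// token68 syntax (RFC 7235), which RFC 6750 uses for bearer credentials.
const TOKEN68 = /^[A-Za-z0-9\-._~+\/]+=*$/;

function parseAuthorization(headerValue) {
  if (typeof headerValue !== 'string' || headerValue.trim() === '') {
    return { ok: false, error: 'missing_header' };
  }
  const value = headerValue.trim();
  const space = value.indexOf(' ');
  if (space === -1) {
    // "Bearer" with nothing after it is a scheme without credentials.
    if (value.toLowerCase() === 'bearer') {
      return { ok: false, error: 'malformed_token' };
    }
    // The case from the issue: "Authorization: [token]" with no scheme.
    return { ok: false, error: 'missing_scheme' };
  }
  const scheme = value.slice(0, space);
  const credentials = value.slice(space + 1).trim();
  // Scheme names compare case-insensitively (RFC 7235).
  if (scheme.toLowerCase() !== 'bearer') {
    return { ok: false, error: 'unsupported_scheme' };
  }
  // Rejects embedded spaces, quotes and control characters.
  if (!TOKEN68.test(credentials)) {
    return { ok: false, error: 'malformed_token' };
  }
  return { ok: true, scheme: 'Bearer', token: credentials };
}

// Value for the WWW-Authenticate header on a 401 response.
// The submitted credential is never echoed back to the caller.
function challengeFor(result) {
  if (result.ok) return null;
  // RFC 6750: no error code when the request carried no credentials at all.
  if (result.error === 'missing_header') return 'Bearer';
  const hints = {
    missing_scheme: 'Authorization header must be: Bearer <token>',
    unsupported_scheme: 'Only the Bearer scheme is accepted',
    malformed_token: 'Bearer token is empty or contains invalid characters',
  };
  return `Bearer error="invalid_request", error_description="${hints[result.error]}"`;
}
```

A bare value such as `abc.def.ghi` yields `missing_scheme`, so a consumer who forgot the prefix gets a 401 whose challenge states the expected header form.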