Currently the specification borrows authentication methods from the OpenAPI spec. While this gives a lot of flexibility it creates a major implementation burden to clients wishing to support all spec-compatible endpoints.
I would suggest that the number of authentication methods is limited to lower the burden for clients while harmonizing server implementations. Maybe bring it down to two methods?
Currently the specification borrows authentication methods from the OpenAPI spec. While this gives a lot of flexibility it creates a major implementation burden to clients wishing to support all spec-compatible endpoints.
I would suggest that the number of authentication methods is limited to lower the burden for clients while harmonizing server implementations. Maybe bring it down to two methods?
Related: #26 #41