Open skiddow123 opened 2 weeks ago
Would be nice to have the option to hide this. We use a springdoc generator in Java using OIDC PKCE flow and client secret is useless for us. Only confuses the user
Are you trying to hardcode secrets in the Swagger UI ?!? that is a bad idea, the end user should enter that, not have it hardcoded...
I'm configuring Swagger UI as an OAuth2 client in my Spring application. I see that I'm required to set the client secret using the property: springdoc.swagger-ui.oauth.client_id=secret. However, I want to know if there is a way to hide or protect the client secret in the Swagger UI. Is there a recommended approach to achieve this while still allowing users to authenticate through OAuth2? I already created an issue https://github.com/springdoc/springdoc-openapi/issues/2737 on the springdoc repo and I was directed here