zalando / zally

A minimalistic, simple-to-use API linter
https://zalando.github.io/zally
MIT License
905 stars 145 forks source link

Support api_key security scheme #1407

Open Rajesh-Narayanappa87 opened 2 years ago

Rajesh-Narayanappa87 commented 2 years ago

Hi Team, We have spec file(OAS3) having apiKey param.. Example is below. Linter is complaining security issue though required apiKey details exist.. On checking, we found only OAUTH2 is supported. Is it possible to add support for apiKey Please?

security:
  - ApiKeyAuth: []
components:
  securitySchemes:
      ApiKeyAuth:
        type: apiKey
        name: api_key
        in: header
tkrop commented 1 year ago

Since we do not support API Key Authorization in Zalando and it is not part of our API Guidelines, we have no need to implement this rule. However, we would be open, if you want to contribute this rule as part of a zally-ruleset-community under https://github.com/zalando/zally/tree/main/server.