search

zuplo / zudoku

Framework for building high quality, interactive API documentation.
https://zudoku.dev
MIT License
97 stars 7 forks source link

Support room level security schemes #189

Open zamd opened 2 months ago

zamd commented 2 months ago

We define security schemes at the root level and same schemes are applied to all endpoints. This doesn't work in the Try box.

  "security": [
    {
      "authlete": []
    },
    {
      "bearer": []
    }
  ]
  "securitySchemes": {
      "authlete": {
        "type": "oauth2",
        "description": "Click the **Get Token** button below to log in with your Authlete account and retrieve an access token for API access.",
        "flows": {
          "authorizationCode": {
            "authorizationUrl": "https://login.authlete.com/authorize",
            "tokenUrl": "https://login.authlete.com/token",
            "scopes": {
              "authlete": "Inherit Authlete Account Permissions"
            },
            "x-client-id": "api-explorer",
            "x-default-scopes": "authlete",
            "x-pkce-only": true
          }
        }
      },
      "bearer": {
        "type": "http",
        "scheme": "bearer",
        "description": "Obtain an **access token** and set it in the following textbox."
      }
    }
linear[bot] commented 2 months ago

ZUP-3609 Support room level security schemes

gdahlin commented 1 week ago

This would be highly appreciated as well as being able to set configurable scopes on the OpenId Zudoko configuration.

Aditionally, supporting specific scopes on individual api endpoints/methods through the OpenAPI security configuration is a big plus.