Azure
Display security definitions in the API reference pages
Security definitions, like headers with API keys, need to be rendered in the API operation details widget.
@mikebudzynski, thank you for opening this issue. We will triage it within the next few business days.
Is there any update on this issue?
I interpret this issue relevant to OpenAPI spec's containing security such as example spec below, the security header is not displayed on the developer portal.
For example a short snippit of my api contains information about the expected security header "Authorization: Bearer <JWT_TOKEN>":
openapi: 3.0.3
info:
title: Application Registration Service
description: Service for managing application registrations
version: 0.0.1
servers:
- url: http://0.0.0.0:8080/apim-api
paths:
/v1:
get:
tags:
- appReg
summary: listClientAppRegistrations appReg
operationId: appReg#listClientAppRegistrations
responses:
"200":
description: OK response.
content:
application/json:
schema:
type: object
example:
Alias molestias ipsam voluptas id fuga sint.:
client_secret: xyz-789-qrs-456
additionalProperties:
$ref: '#/components/schemas/AppReg'
example:
Dolorem enim sed.:
client_secret: xyz-789-qrs-456
....
"401":
description: 'invalid_token: Unauthorized response.'
content:
application/vnd.goa.error:
schema:
$ref: '#/components/schemas/Error'
security:
**- JwtAuth_header_Authorization: []`**
` securitySchemes:
**JwtAuth_header_Authorization:**
type: http
description: Use JWT to authenticate
scheme: bearer`
But there is no built in support to display the Authorization header in the developer portal, atleast of my knowledge:
To reproduce:
- Create an OpenAPI spec containing a security definition on an endpoint.
- Import spec into azure api management
- Log into azure hosted developer portal for relevant api management instance
- view the api, which does not refference any security header
