OpenAPI-Specification icon indicating copy to clipboard operation
OpenAPI-Specification copied to clipboard

Published 20 hours ago verified publisher icon OAI

Possible to use $ref in security and securityDefinitions?

Open atdiff opened this issue 9 years ago • 2 comments
trafficstars

For large API structures, it makes sense to have API and definitions split out into multiple files for reuse and readability. Both security and securityDefinitions seem like properties that would benefit from leveraging the use of $ref. This way security info can be shared across multiple swagger files for one application. Is it currently possible and are there examples of how to do it? I've tried multiple ways of defining the structure and nothing seems to work/get validated.

atdiff avatar Nov 18 '16 21:11 atdiff

This is especially applicable when the scopes are the same in many path+operation permutations.

Just in case anyone stumbles into this, a workaround can be found here.

radj avatar Jan 16 '18 08:01 radj

If it helps anyone, we got the following to work in a file that references shared security settings:

components:
  securitySchemes:
    Basic_Authentication:
      $ref: 'https://your-public-url/auth.yml#/components/securitySchemes/Basic_Authentication'

and then defining

security:
  - Basic_Authentication: []

right before paths: . This is not the same as the securityDefinitions but it may help in cases like basic and bearer auth.

dosvath avatar Apr 15 '22 14:04 dosvath