api-blueprint icon indicating copy to clipboard operation
api-blueprint copied to clipboard

Published 20 hours ago verified publisher icon apiaryio

Authentication

Open zdne opened this issue 12 years ago • 14 comments

Direct support for API authentication.

RFC proposals

zdne avatar Aug 14 '13 14:08 zdne

This sounds really useful to me.

xurde avatar Aug 14 '13 15:08 xurde

@xurde Glad to hear that! If you feel like, feel free to propose a syntax or just share a stub / example of how would you like to describe it. Also are you interested in a particular type of authentication?

zdne avatar Aug 14 '13 18:08 zdne

I would be interested in supporting OAuth 1.1 which requires setting HTTP Authorization header with various fields.

rurounijones avatar Aug 15 '13 05:08 rurounijones

I would like to be able to mock / use / define the requesting of a token based on username/credentials and using that token for subsequent requests to the api. I suppose inlining some javascript that generates / parses the tokens or the username/credenitials into the blueprint could be a solution.

remkoboschker avatar Aug 15 '13 08:08 remkoboschker

OAuth 2.0 is quite widely used.

kadishmal avatar Oct 16 '13 02:10 kadishmal

Please let me know whether traits as proposed in #47 would improve auth needs. Also refer to this example: https://gist.github.com/zdne/01e287fe18d232672d43#file-4-example-gist-fox-api-md

zdne avatar Dec 17 '13 17:12 zdne

To be addressed (and closed) with #47.

zdne avatar Jan 31 '14 12:01 zdne

Not sure if this is still being worked on, but a way to document that an API key is required for all requests would be great! So somewhere I could put that {?apikey} is in all requests without having to manually add it as parameters to all paths.

w3irdrobot avatar Dec 18 '14 05:12 w3irdrobot

Hey @searsaw, yes, this is our top-priority – scheduled right after #25 (which is drawing to an end so we will hopefully start on it soon).

cc @pksunkara

zdne avatar Dec 18 '14 07:12 zdne

The oauthd project has a very nice gallery of declarative descriptions for various OAuth authentications of more than 100+ production APIs. Have a look to files conf.json and settings.json in any folder here.

I think it's a good inspiration for OAuth requirements in the API Blueprint syntax.

netmilk avatar May 11 '15 15:05 netmilk

Syntax proposed at #201

pksunkara avatar Jun 01 '15 13:06 pksunkara

Added RFC proposals to the OP: https://github.com/apiaryio/api-blueprint/issues/11#issue-18055746

zdne avatar Dec 01 '15 13:12 zdne

So what's the status of authentication? #201 was closed, because it was superseded by https://github.com/apiaryio/api-blueprint-rfcs/pull/5 and https://github.com/apiaryio/api-blueprint-rfcs/pull/6. They were merged as RFC over two years ago, so is it going to be implemented?

imanel avatar Feb 22 '18 07:02 imanel

Any update?

hsluoyz avatar Dec 11 '20 07:12 hsluoyz