hey-api
Multiple schemas result in no security
Description
If you generate an api client using more than one schema, there's no trace of the security configuration in the generated output.
Reproducible example or configuration
https://stackblitz.com/edit/hey-api-client-fetch-example-tysctap6?file=openapi-ts.config.ts
OpenAPI specification (optional)
linked in the stackblitz
System information (optional)
No response
![bolt-new-by-stackblitz[bot] avatar](https://avatars.githubusercontent.com/in/182710?v=4 "Published by a pub.dev verified publisher"){kind=small}
There's no documentation indicating how security configuration is handled when generating clients from multiple schemas, nor any mention of merging or overriding security definitions in this scenario. This likely means the generator doesn't merge security settings across schemas, which can result in missing security configuration in the output if you provide more than one schema.
A practical workaround is to manually merge your OpenAPI schemas (including their security definitions) into a single document before generating the client. Alternatively, you can configure authentication in the generated client using the auth field or interceptors to set the appropriate headers for requests that require authentication, as described in the docs for the Fetch client plugin and migration guide (source) (source).
If you need security to be reflected in the generated output, consolidating your security requirements into one schema before generation is the most reliable approach.
To reply, just mention @dosu.
How did I do? Good | Irrelevant | Incorrect | Verbose | Hallucination | Report 🐛 | Other 
![dosubot[bot] avatar](https://avatars.githubusercontent.com/in/324583?v=4 "Published by a pub.dev verified publisher"){kind=small}