swagger-ui icon indicating copy to clipboard operation
swagger-ui copied to clipboard

Published 20 hours ago verified publisher icon swagger-api

Show required OAuth scopes on each endpoint

Open pacey opened this issue 6 years ago • 13 comments

The API I am documenting has a lot of scopes available. However, a single endpoint usually only requires one scope. Currently a padlock is displayed on each endpoint and clicking it opens the Available authorizations modal where all scopes the API has are displayed.

It would be great to know which individual scopes are required per endpoint.

I have checked my source swagger json and this information is there on a per endpoint basis. Here is a subset of my swagger json to show the relevant sections:

{
  "swagger": "2.0",
  "info": {
    "description": "Api Documentation",
    "version": "1.0",
    "title": "Api Documentation",
    "termsOfService": "urn:tos",
    "contact": {},
    "license": {
      "name": "Apache 2.0",
      "url": "http://www.apache.org/licenses/LICENSE-2.0"
    }
  },
  "paths": {
    "/v1/organisations/{id}": {
      "get": {
        "summary": "Get a single Organisation",
        "operationId": "getByIdUsingGET",
        "security": [
          {
            "Auth0": [
              "get:organisation"
            ]
          }
        ],
        "deprecated": false
      }
    }
  },
  "securityDefinitions": {
    "Auth0": {
      "type": "oauth2",
      "tokenUrl": "https://xxxxxxxxx/oauth/token",
      "flow": "application",
      "scopes": {
        "create:organisation": "Create an Organisation",
        "get:organisation": "Get a single Organisation",
        "list:organisation": "List Organisations",
        "update:organisation": "Update an Organisations",
        "delete:organisation": "Delete an Organisations",
      }
    }
  }
}

pacey avatar Dec 05 '18 12:12 pacey