OpenAPI Authentication and Authorization: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
Line 16: Line 16:
* OAuth 2
* OAuth 2
* OpenID Connect Discovery.
* OpenID Connect Discovery.
=HTTP Authentication=
==Bearer==

Revision as of 17:07, 2 November 2023

External

Internal

Overview

This applies to OpenAPI 3.0.

OpenAPI uses the term security scheme for authentication and authorization schemes. OpenAPI 3.0 supports the following security schemes:

  • HTTP authentication schemes, based on the Authorization header.
    • Basic
    • Bearer token
    • Other schemes defined by RFC7245.
  • API keys in headers, query strings and cookies.
    • Cookie authentication.
  • OAuth 2
  • OpenID Connect Discovery.

HTTP Authentication

Bearer