OpenAPI Authentication and Authorization: Difference between revisions
Jump to navigation
Jump to search
Line 16: | Line 16: | ||
* OAuth 2 | * OAuth 2 | ||
* OpenID Connect Discovery. | * OpenID Connect Discovery. | ||
=HTTP Authentication= | |||
==Bearer== |
Revision as of 17:07, 2 November 2023
External
Internal
Overview
This applies to OpenAPI 3.0.
OpenAPI uses the term security scheme for authentication and authorization schemes. OpenAPI 3.0 supports the following security schemes:
- HTTP authentication schemes, based on the
Authorization
header.- Basic
- Bearer token
- Other schemes defined by RFC7245.
- API keys in headers, query strings and cookies.
- Cookie authentication.
- OAuth 2
- OpenID Connect Discovery.