OpenAPI Authentication and Authorization
Jump to navigation
Jump to search
External
Internal
Overview
This applies to OpenAPI 3.0.
OpenAPI uses the term security scheme for authentication and authorization schemes. OpenAPI 3.0 supports the following security schemes:
- HTTP authentication schemes, based on the
Authorization
header.- Basic
- Bearer
- Other schemes defined by RFC7245.
- API keys in headers, query strings and cookies.
- Cookie authentication.
- OAuth 2
- OpenID Connect Discovery.