OpenAPI Authentication and Authorization

From NovaOrdis Knowledge Base
Revision as of 16:57, 2 November 2023 by Ovidiu (talk | contribs) (Created page with "=External= * https://swagger.io/docs/specification/authentication =Internal= * Open API =Overview= This applies to OpenAPI 3.0. O...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

External

Internal

Overview

This applies to OpenAPI 3.0.

OpenAPI uses the term security scheme for authentication and authorization schemes. OpenAPI 3.0 supports the following security schemes:

  • HTTP authentication schemes, based on the Authorization header.
    • Basic
    • Bearer
    • Other schemes defined by RFC7245.
  • API keys in headers, query strings and cookies.
    • Cookie authentication.
  • OAuth 2
  • OpenID Connect Discovery.