Authentication and Authorization[edit]
This tab helps you manage API authentication and authorization using security schemes. Security can be defined globally then inherited by all operations. An operation can override inherited global security.
Add Security Scheme[edit]
To add a security scheme, either select the + button from the local toolbar or right-click the Security Schemes node then select New Security Scheme from the popup menu.
Fill in the security name and type in the wizard then hit Finish.
The newly created security scheme appears in the left and its content in the right editor.
Delete Security Scheme[edit]
Select the security scheme you want to delete then click the X button from the local toolbar. Or right-click the scheme to delete then select Delete from the popup menu.
Update Security Scheme[edit]
Select the security scheme to update. Its content shows up in the right-side editor where you can update it.
Add OAuth Flow[edit]
To add an OAuth flow, right-click the OAuth security scheme or Flows node (under the security scheme if it already has one), then select New Flow from the popup menu.
Select a flow type in the wizard then hit Finish;
The newly created flow appears selected on the left side and its content in the right-side editor where you can proceed with editing.
Update OAuth Flow[edit]
Select the OAuth flow to update. Its content which depends on the flow type shows up in the right-side editor where you can update it. The editor also allows you to add/update/remove flow scopes.
Delete OAuth Flow[edit]
Select the OAuth flow you want to delete then click the X button from the local toolbar. Or right-click the OAuth flow to delete then select Delete from the popup menu.
Define Global Security[edit]
Security may be defined globally. That is, on API level, and will apply to all operations/calls. Security can be overridden on operation level, though.
To define security globally, select the bottom Security tab, then select the tab titled: Define Global Security
If you want to you use, in one go, all available security schemes in your global security, check then the check-box beside the root Security Requirements. Uncheck it if you want to use no security at all on a global level.
Otherwise to select-add a security scheme, right-click the root node Security Requirements, then Add Security Scheme (OR) then select the scheme you want.
Note: All security schemes on root level (Security Requirements) are logically OR-ed when evaluated.
If a security scheme has scopes, then check/uncheck the box beside each scope to add/remove it
To group a security scheme with another one making a list of them, right-click a security scheme, then select from the AND menu the scheme to add.
Note: All security schemes within a list/group are logically AND-ed when evaluated.
No Global Security Usage[edit]
You can opt for not defining any global security at all. Operations may still have their own security defined locally.
To disable any global security, uncheck the box next to the root node: Security Requirements
Define Operation Security[edit]
You can override global security on the operation level. To do so, go to the Paths tab (at the bottom) then select the operation you want. Select the Security tab where you can define security on the selected operation level.
If you want to you use, in one go, all available security schemes in your global security, check then the check-box beside the root Security Requirements. Or uncheck it so that no security will be used on this operation level.
Note: All security schemes on root level (Security Requirements) are logically OR-ed when evaluated.
If a security scheme has scopes, then check/uncheck the box beside each scope to add/remove it
To group a security scheme with another one making a list of them, right-click a security scheme (not the root), then select from the AND menu the scheme to add.
Note: All security schemes within a list/group are logically AND-ed when evaluated.
Inherit Global Security[edit]
Globally defined security is inherited automatically by all operations unless overridden by individual operations. An operation may choose to use less, more, or no security at all.
If you want to restore operation security back to default global security. Then, select the operation from the left view, right-click the root node: Security Requirements (in the right editor), and select Inherit Global Security from the pop-up menu.
No Security On Operation Level[edit]
An operation may opt for not using any security at all by overriding the globally defined security.
Select the operation from the left view, right-click the root node: Security Requirements (in the right editor) and select Don't Use Any Security from the pop-up menu.