Security: Multi-API Key

[xxJimxx]

Authentication seems to be reading security directly from the components and not the security descriptor. When adding multiple keys they all show as individual authorization keys and not multi-key as documents indicate.

https://swagger.io/docs/specification/v3_0/authentication/api-keys/#multiple-api-keys

[ak1394]

Could you clarify which part of the extension you're referring to? Editor, preview, try it, etc?

[xxJimxx]

When clicking authorize each header appears as an independent authorization with it's own set of buttons to authorize and close.

[xxJimxx]

Even wIthout the security descriptor all headers still appear in the authorize click but as individual authorization..
security:

• ID: []
  NAME: []
  ENV: []
  TIMESTAMP: []
  SIGNATURE: []
  KEY_VERSION: []

components:
securitySchemes:
ID:
type: apiKey
in: header
name: CONSUMER.ID
NAME:
type: apiKey
in: header
name: SVC.NAME
ENV:
type: apiKey
in: header
name: SVC.ENV
TIMESTAMP:
type: apiKey
in: header
name: INTIMESTAMP
SIGNATURE:
type: apiKey
in: header
name: AUTH_SIGNATURE
KEY_VERSION:
type: apiKey
in: header
name: KEY_VERSION

[ak1394]

Again, could you explain which part of the extension you're referring to? Providing a screenshot might help.

[anthony-42crunch]

@xxJimxx
I've quickly tested and confirmed the tool does correctly implement the security schema for AND/OR cases.

You can check out the example illustrated here and add a comment if anything is unclear or different about your use case:

https://developers.42crunch.com/t/apis-with-multiple-auth-schemes/86