Scopes: Logical OR and AND

[mrksbnch]

According to the Swagger documentation, it's already possible to use multiple authentication types:

security:  # (A AND B) OR (C AND D)
  - A
    B
  - C
    D

Is this concept also extensible to scopes? E.g.

security: 
  - oauth2: # user needs scope "A" or "B"
    - A
    - B

security:
  - oauth2: # user needs scope "A" and "B"
    - A
      B

I already tested this in the Swagger Editor and it doesn't seem to make a difference. So, is my assumption correct that scopes always use Logical AND?

[hkosova]

Logical "AND" and "OR" for scopes can be expressed as follows:

# User needs scopes A AND B
security:
  - oauth2:
    - A
    - B

# User needs scope A OR B
security:
  - oauth2:
    - A
  - oauth2:
    - B

# User needs scope (A AND B) OR C
security:
  - oauth2:
    - A
    - B
  - oauth2:
    - C

[mrksbnch]

Thanks!

[handrews]

Closing as answered.