Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Authorization questions #13

Closed
jacobweber opened this issue Mar 21, 2014 · 3 comments
Closed

Authorization questions #13

jacobweber opened this issue Mar 21, 2014 · 3 comments

Comments

@jacobweber
Copy link

Under section 5.2 of the spec, it states that "If there are multiple authorization schemes described here, it means they're all applied." Is there a way to indicate that ANY instead of ALL authorization schemes are required?

Also, for the "apiKey" type, is there a way to indicate that multiple values are required? For example, 3Scale requires an app ID and app key, so you'd need two fields.

@webron
Copy link
Member

webron commented Mar 23, 2014

Currently, there's no way to note ANY rather than ALL. If you believe that's important, feel free to open a feature request here with hopefully a detailed use-case (I can probably see the benefit, but it's better to come from an end-user of Swagger).

As for the "apiKey" - you can simply add several "apiKey" authorization schemas, one for each field. Would that satisfy the needs?

@jacobweber
Copy link
Author

It would. But then if you add support for "ANY", I'd need a way to group them, so that they're treated as a unit (e.g. "oauth2 OR (apiKey1 AND apiKey2)").

@jacobweber
Copy link
Author

Opened #14

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants