Drf-yasg: Unclear how to use `security` parameter in `@swagger_auto_schema`

Created on 4 Sep 2018  路  1Comment  路  Source: axnsan12/drf-yasg

Hi, great project, I have found it to be very useful.

I have been having some trouble with documenting a bearer token authorization used by a single endpoint. Because only one endpoint makes use of this particular authentication scheme, I want to define it with the @swagger_auto_schema decorator. I see that there is a security parameter, but I am unable to find any examples of it being used out in the wild. How should security definitions be formatted at this level? I have tried a few reasonable formats without success. The type hint isn't really enough information to go off of.

Here is what I tried:

    @swagger_auto_schema(operation_id="foo",
                         security=[
                             {
                                 "foo key": {
                                    "type": "apiKey",
                                    "name": "api_key",
                                    "in": "header"
                                 }
                             }
                         ],
...
...

This results in a blank authorization field appearing in operation foo without any errors or warnings.

question

Most helpful comment

You first have to define a Security Definition object, no matter how many endpoints use it. The related drf-yasg setting for this is SECURITY_DEFINITIONS.

You may then specify a list of Security Requirement objects either as a default in SECURITY_REQUIREMENTS, or on a per-operation basis using the security argument.

Security requirements reference security schemes by their security definitions name.

>All comments

You first have to define a Security Definition object, no matter how many endpoints use it. The related drf-yasg setting for this is SECURITY_DEFINITIONS.

You may then specify a list of Security Requirement objects either as a default in SECURITY_REQUIREMENTS, or on a per-operation basis using the security argument.

Security requirements reference security schemes by their security definitions name.

Was this page helpful?
0 / 5 - 0 ratings

Related issues

gertjanol picture gertjanol  路  5Comments

tiltec picture tiltec  路  4Comments

hnykda picture hnykda  路  3Comments

maikotz picture maikotz  路  4Comments

Safrone picture Safrone  路  3Comments