Hi,
Here is my config.yml :
nelmio_api_doc:
sandbox:
authentication:
name: Authorization
delivery: header
type: bearer
custom_endpoint: false
accept_type: application/json
body_format:
formats: [ json ]
default_format: json
request_format:
formats:
json: application/json
method: accept_header
default_format: json
Here is an example annotation :
/**
* Get currently logged in profile
*
* @Get("/me")
*
* @ApiDoc(
* description="Get currently logged in profile",
* section="/profile",
* resource=true,
* headers={
* { "name"="Authorization", "description"="Bearer JWT token", "required"=true }
* },
* statusCodes={
* 200="Profile found",
* 401="Invalid JWT authentication"
* }
* )
*
* @param UserInterface|User $user
*/
public function getMyProfileAction(UserInterface $user)
{
I set my api key in NelmioApiDoc's top bar.
Now when I click on "Try It !" for the corresponding route, the Authorization header is not sent :

And my question is : why ?
Thanks in advance
It seems to me that you're overriding it in the sandbox. Can you try removing the Authorization header in the sandbox of the route you're trying to access?
Tried it already. No luck 馃槩
Then maybe try removing the Authorization header in your annotation?
Tried it too..
Is this an issue then ?
@Yonn-Trimoreau I can't tell, when I needed a bearer header, I had to put the prefix alongside with the token (eg Bearer myToken), did you try it?
Yes. It works. But I expect not having to retype my Authorization header each time I use the sandbox. And that's actually a functionality of NelmioApiDocBundle, right ?
Looking at the code, it seems to be supported so it must be a bug.
I'm currently working on 3.0 and I don't have the time to investigate on this; if someone is willing to make a PR, feel free to do it :)
I will do this if I have time, but maybe in a long time. Time is running out of me for the moment. If someone is willing to do it before I do, I'll appreciate. And I will give him a cookie. <3
@Yonn-Trimoreau
You need to specify delivery to "http":
nelmio_api_doc:
sandbox:
authentication:
name: Authorization
delivery: http
type: bearer
And remove the apidoc "headers" from your method; replace it with "authentication=true".
e.g. :
/**
* @ApiDoc(
* section="Users",
* description="Get a single user",
* authentication=true,
* output={
* "class"=User::class,
* "parsers"={
* "Nelmio\ApiDocBundle\Parser\JmsMetadataParser"
* }
* },
* requirements={
* {
* "name"="id",
* "dataType"="integer",
* "requirement"="\d+",
* "description"="The ID of the user"
* }
* },
* statusCodes={
* 200="Returned when successful",
* 404={
* "Returned when the user is not found",
* "Returned when something else is not found"
* }
* }
* )
*/
public function getAction($id)
{}
After calling your url to retrieve your token, you must paste it into the top "api key" field. The, You can call your other urls requiring authentication.
@quentin-berlemont Your solution works like a charm for me.
Most helpful comment
@Yonn-Trimoreau
You need to specify delivery to "http":
And remove the apidoc "headers" from your method; replace it with "authentication=true".
e.g. :
After calling your url to retrieve your token, you must paste it into the top "api key" field. The, You can call your other urls requiring authentication.