Swagger-ui: OAuth "realm" option unclear

Created on 26 Jun 2015 · 4 Comments · Source: swagger-api/swagger-ui

In index.html the initOAuth function from swagger-oauth.js requires a realm option. I couldn't find any documentation on this parameter, and it seems to be used only as a parameter for the initial authorization request. There seems to be no specification on the OAuth side for this parameter, though; the only mention I could find was that a provider might use a realm _attribute_ in the WWW-Authenticate header.

With that: what was the intent of this parameter, and, could it maybe just be dead code that can be removed?

All 4 comments

The OAuth2 spec doesn't use realm but some authorization servers do recognize it as a way of identifying the resource being accessed; likely a relic of SAML based token issuance. Azure's ACS had the concept of realm for example.

The intent is to identify the resource the caller wants to access. To use OAuth2 with Azure Active Directory (AAD) I had to switch the realm query parameter to resource as that is what AAD expects. Same concept, just a different name.

Neither the realm nor resource parameters are part of the OAuth spec, so not really a bug, but not useful either. I can confirm that changing realm to resource when constructing the token URL in swagger-oauth.js allows Swagger UI to work with the AAD OAuth flow (though not in IE).

Please reopen if there's still an issue here, it seems like the request is for _non oauth2_ calls.

If realm is not part of oauth2 spec and only recognized by some authorization servers why does swagger ui require it to be present?

Sorry to be reopening an old issue, but I have been struggling to work out the meaning of the realm in my scenario. I think that realm being required is what made me think it was more important than it is.

realm seems to be a required parameter when it should really be optional. I'm just passing a - for its value as a workaround. I'm also having to manually provide a resource parameter and value.
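An added illustration of the point the thread converges on, not part of the original discussion and not swagger-ui's code: an authorization request builder that always sends the RFC 6749 parameters and treats provider-specific ones such as realm or resource as optional extras. The function name `buildAuthorizeUrl`, the `extraParams` option and the `example.test` hosts are assumptions made for the example.

```javascript
// Added example: hypothetical helper, not taken from swagger-oauth.js.
// Parameters that RFC 6749 defines for the authorization request.
const STANDARD_PARAMS = new Set([
  'response_type', 'client_id', 'redirect_uri', 'scope', 'state',
]);

function buildAuthorizeUrl(endpoint, opts) {
  const {
    responseType, clientId, redirectUri,
    scopes = [], state, extraParams = {},
  } = opts;
  if (!responseType || !clientId) {
    throw new Error('response_type and client_id are required');
  }
  const url = new URL(endpoint);
  // RFC 6749 requires TLS on the authorization endpoint.
  if (url.protocol !== 'https:') {
    throw new Error('authorization endpoint must use https');
  }
  url.searchParams.set('response_type', responseType);
  url.searchParams.set('client_id', clientId);
  if (redirectUri) url.searchParams.set('redirect_uri', redirectUri);
  if (scopes.length) url.searchParams.set('scope', scopes.join(' '));
  if (state) url.searchParams.set('state', state);

  // Provider-specific extras (realm, resource, ...) are sent only when
  // they carry a value, and may never shadow a standard parameter.
  for (const [name, value] of Object.entries(extraParams)) {
    if (STANDARD_PARAMS.has(name)) {
      throw new Error(`extra parameter may not override ${name}`);
    }
    if (value === undefined || value === null || value === '') continue;
    url.searchParams.set(name, String(value));
  }
  return url.toString();
}

// Constructed sample input: a server that ignores realm, and one that
// expects a resource parameter instead.
const base = { responseType: 'token', clientId: 'demo-client', scopes: ['read', 'write'], state: 'xyz' };
console.log(buildAuthorizeUrl('https://auth.example.test/authorize', { ...base, extraParams: { realm: '' } }));
console.log(buildAuthorizeUrl('https://login.example.test/authorize',
  { ...base, extraParams: { resource: 'https://api.example.test' } }));
```

With the extras optional, no placeholder value such as `-` has to be sent to a server that does not recognize realm.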
