configurable/hide anonymous option in try_it. #80
Comments
|
I disagree @hadesbox, by allowing to make the call unauthenticated, you can test what the API does when a security scheme is not applied. The API console is a documentation as well as an API testing tool. |
I agree on that, never meant this to be a mandatory change... I was proposing to be able to configure this in case you need it for your API Console deployment. Feel free to close this, as its not really an issue. |
|
At the very least, though, the new API Console we're working on should make
|
|
The option to disable anonymous would be extremely useful. Many of my developers are being led astray by the option (which will never work on my API) on the first-use experience, and I look to the console to help users make valid requests as they're getting familiar. There are many other ways (curl, Postman, etc) to generate an invalid request to see what would happen. |
|
@jbocharov: the latest version of the console will allow you to use Anonymous requests:
/teams:
post:
securedBy: [ null, oauth_2_0]
|
Currently, if your API ONLY supports authenticated calls (and not anonymous) you are still shown on the API Console this option on the try it section, and this is misleading to developers using the console.
This is because in app/views/security_schemes.tmpl.html the line 8
is hard coded to always show anonymous regardless of API configuration, and the only way to disable this is deleting the line on the source code... this should be configurable or it should be shown only when NO security (secure_by) is defined for the service.
The text was updated successfully, but these errors were encountered: