Security Definitions- SwaggerUI

[rajeshakt]

Hi Team,

Iam unable to load the security definitions through swagger UI documentations.

Please let me know if i need to include any js file/ div classes.

Thanks,
Rajesh

[webron]

Not sure what you mean by that. What are you trying to do exactly, what do you expect to see and what do you actually see?

[rajeshakt]

Please find the attached screenshot for reference. Unable to find these when i explored through swagger UI.

[webron]

That's because swagger-ui doesn't represent the security definitions that way, and is not intended to.

[rajeshakt]

what needs to be done to represent security definitions in SwaggerUI ?
Do we need to incorporate any .js.

[webron]

Currently, there's no way to display that.

[rajeshakt]

we needed that urgently for documentation. Any help will be appreciated !

[mohsen1]

Basic auth is simply a header. SwaggerUI has an API for adding auth headers. See here to learn about the API and here to learn about HTTP basic auth.

You can make a form somewhere in the UI to process username/passwords and set the auth header if you want

[rajeshakt]

My question is when the swagger editor can display, why swagger UI is not doing ?

This needs to be fixed, else how can we share the security information with the consumers?

What I feel is whatever the features are there in swaggereditor should be same in swaggerUI, whereas the later one is restricted to only for documentation/view.

Thanks,

[webron]

The editor and ui are two completely separate projects (for now). The UI does not show the security information right now, and there's no 'add-on' to add the display (though you can probably write one on your own). Basic authentication and OAuth2 can be easily integrated into the UI with no special display of the security specifically.

[shuisman]

+1
It would be very nice to include the security information in the swagger UI project. This information is very helpful when exploring the API.

[wesselkranenborg]

+1

[ximex]

👍

[Bazman]

+1

[ponelat]

I agree, most useful to know.
It would be nice if we didn't need to go into the index.html file to add authentication AND to be able to view it of course 😄 ... anyone keen on creating a PR?

[anirban1c]

+1 I am hard coding the auth headers at the moment, would love to have this in

[palamccc]

+1 😃

[alexvodovoz]

+1

[fela98]

+1

[fehguy]

See pull #2014 and please give feedback on that. There are a couple todos left

[ximex]

#2014 is merged

[ichpuchtli]

+1

[pawelprazak]

+1

[J4S0Nc]

+1

[my-flow]

+1

[sulliwane]

+1

[mmeylan]

+ 1

[ax003d]

+1

[merritts]

+1

[fehguy]

This is in the 2.1.5 release.

[neilyoung]

When will it be released?

[webron]

8 days ago.

[mnapoli]

With the latest release I cannot see anything different (with a Basic Auth documented), where is it supposed to display? Do you have any screenshot or link to the pull request?

[doooks]

I don't understand why displaying the security information for an API is out of scope.

http://swagger.io/swagger-ui/ says that Swagger UI is to "dynamically generate beautiful documentation" - why would the API's security mechanism be excluded from the visible documentation? You need that information to write an API client, you might not be using the auto-generated code.

Does anyone have a fork or a PR that renders the security infomation? Otherwise, if I work on a PR would someone on the project team consider that feature?

[webron]

@doooks - in general, we love getting PRs that push the project forward, but right now we're focused on a major update to the project and it's probably not the best time to submit such a PR specifically.

[bcfreitas]

+1

[vladkras]

+1
I had to move apikey to one of required parameters because of this

[iongion]

@vladkras amen!

[leonluocheng]

+1
I would like to see we have security feature integrated with the swagger UI.
The work around I can do is to add an "authorization" parameter

[webron]

@leonluocheng hmm? the security definitions are displayed in the current version.

[leonluocheng]

@webron I am using swashbuckle.core 5.5.3, maybe that causes this issue. but the swagger generated UI did not display the basic authentication that I specified in app configuration.

Example:
c.BasicAuth("basic").Description("Basic HTTP Authentication over TLS");

[webron]

That's a very old version of the UI. Use the latest one and you should be good.

[Pratyushm91]

Hi,

I went through the complete thread. I also require to display the basic auth security field for setting client id and secret. And with the new swagger it looks really cool. Kindly let me know if any module available which can render my json file to similar swagger ui format. I already used swagger ui formatter but it is not displaying me the security field.

Thanks.

[dFarkhod]

+1