6 Replies Latest reply on Jan 21, 2020 7:27 PM by thatJeffSmith-Oracle

Swagger documentation not showing security definitions

Leandroide Jan 2, 2020 6:42 PM

Hi guys, I could notice that the generated swagger documentation is not adding the "securityDefinitions" specification to consume endpoints when you protect them by privileges.

I am using a swagger server to summarize all my endpoints, and its frontend logic is not showing me the token input due to the lack of security specification.

Is there a way to achieve this? Thanks.

1. Re: Swagger documentation not showing security definitions

thatJeffSmith-Oracle Jan 2, 2020 7:30 PM (in response to Leandroide)

We've never provided security info in the swagger definition, what exactly are you looking/asking for?
Like Show 0 Likes(0)

Actions
2. Re: Swagger documentation not showing security definitions

Arnost Klaska Jan 3, 2020 7:31 AM (in response to thatJeffSmith-Oracle)

Hi,
you can't test your openapi definitions in swagger-editor or swagger-ui without defining security. See https://swagger.io/docs/specification/authentication/ . I had mentioned it in ORDS 19.1 Database API Authentication

Regards
Arnost
Like Show 1 Likes(1)

Actions
3. Re: Swagger documentation not showing security definitions

Leandroide Jan 3, 2020 12:14 PM (in response to thatJeffSmith-Oracle)

That's it, the openapi JSON specification does not contain the security definitions used by swagger, needed to test the services that require token, using swagger-ui.

If the endpoints are unsecured, there is no problem, but if you had protected them, swagger could not be aware of that and you can not send the bearer token with your requests.

So, ORDS is not adding that required definitions, in order that I could make the API docs for third-party developers.
Like Show 0 Likes(0)

Actions
4. Re: Swagger documentation not showing security definitions

thatJeffSmith-Oracle Jan 3, 2020 2:42 PM (in response to Leandroide)

I'm logging an enhancement request for you, stay tuned.

It's in the swagger/openapi spec, so we could/SHOULD include it.
Like Show 1 Likes(1)

Actions
5. Re: Swagger documentation not showing security definitions

Leandroide Jan 21, 2020 6:19 PM (in response to thatJeffSmith-Oracle)

Hi Jeff, any news about this? Thanks!
Like Show 0 Likes(0)

Actions
6. Re: Swagger documentation not showing security definitions

thatJeffSmith-Oracle Jan 21, 2020 7:27 PM (in response to Leandroide)

I logged it like I said before. It hasn't been coded yet. We have about a month before 20.1 goes into feature/code freeze. So there's still a chance it'll make the cut.
Like Show 1 Likes(1)

Actions

Go to original post