Skip to content

[OpenAPI] Add securitySchemes #3197

New issue
New issue
Open
Open
[OpenAPI] Add securitySchemes#3197
Labels
OpenAPIenhancement
@lcawl

Description

@lcawl
lcawl
opened on Nov 29, 2024

priority: low
effort: low

🚀 Feature Proposal

The OpenAPI documents are missing securitySchemes and security declarations.

They could perhaps be added similarly to the info in https://github.com/elastic/elasticsearch-specification/blob/main/compiler/src/steps/add-info.ts

NOTE: I believe that you could have the same list of securitySchemes for both documents, but the security list for the serverless document would not include basicAuth.

Motivation

Relates to elastic/docs-content#192

Example

In the Kibana openAPI document, it looks like this:

security:
  - apiKeyAuth: []
  - basicAuth: []

...

  securitySchemes:
    apiKeyAuth:
      description: |
        These APIs use key-based authentication. You must create an API key and use the encoded value in the request header. For example: `Authorization: ApiKey base64AccessApiKey`
      in: header
      name: Authorization
      type: apiKey
    basicAuth:
      scheme: basic
      type: http

As a stop gap, we're implementing them via overlays:

elasticsearch-specification/docs/overlays/elasticsearch-serverless-openapi-overlays.yaml

Line 22 in 7a7e2a2

# Add security details
and

elasticsearch-specification/docs/overlays/elasticsearch-openapi-overlays.yaml

Line 27 in 7a7e2a2

# Add security details

Metadata

Metadata

Assignees

No one assigned

    Labels

    OpenAPIenhancement

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions