I'm writing API documentation for my application using Swagger 3.0. My application has some apis that include some middlewares. I want to describe that which api has the middlewares (like parameters or security tag)
Is that possible in swagger or is there any trick to display that?
Related
I have a spring boot REST service which is protected with Azure AD, so I'm using the Spring Boot Starter for Azure AD.
I'm also using the springdoc-openapi library to generate the API documentation. For now I'm hand writing the yaml file to describe the documentation.
I'm looking for help with getting swagger to authenticate with Azure AD so that I can try out the endpoints in the backend.
Is there someway to do this by either editing the yaml file or with the springdoc-openapi library?
For getting swagger to authenticate with Azure AD you need to create registered two web application one is for webAPI and another is for your swagger.Then you shoukd require Delegated Permissions for your Swagger Web Site to ‘Access’ your WebAPI.As swagger is in-built configured in the .Net 5.0 template so that we don't need to take care of documenting our APIs in this latest .Net 5.0.
You can refer this Document here they have given in steps how to authenticate swagger with azuread.
You can also refer this document for how Setup Swagger to authenticate against Azure Active Directory is provided by devloper community of .net
Using Swagger UI from Springdoc OpenAPI 1.5.11 in a Spring Boot 2.5.3 web application that exposes a REST API.
The REST API is secured using a bearer provided JWT token.
I successfully configured Springdoc to display the "Authorize" button with bearer authorization, where users can type a valid JWT token, and use that token when calling the REST API.
Hence, using the REST API is properly secured.
But viewing the REST API (endpoints, methods, input and output data structures, etc) must also be secured. This means that the API definition endpoint (the one defined by "springdoc.api-docs.path") called by Swagger UI should also use the token.
So far, I could not make Swagger UI use token to fetch the API definition, see snapshot.
Is this possible ?
I´m using Microprofile-GraphQL extension (https://quarkus.io/guides/microprofile-graphql) for Quarkus together with Smallrye JWT (https://quarkus.io/guides/security-jwt) to secure my GraphQL endpoint.
This however blocks the Graphql UI that comes with the Microprofile extension under /graphql-ui
Is there any way to permitt / allow routes that are not defined in your own rest controllers?
Something like
quarkus.http.auth.permission.permit.paths=/graphql-ui/*
quarkus.http.auth.permission.permit.policy=permit
should do it, please see Quarkus Authorization
I am using the apiDiscovery-1.0 feature in Liberty in order to expose the Swagger UI for my REST APIs. However, my REST APIs are secured using Basic Auth and the Authorize button is not being displayed in the UI exposed by the apiDiscovery feature in Liberty. Is this supported with the apiDiscovery feature?
The version of Liberty that I am using is as follows:
product = WebSphere Application Server 17.0.0.2 (wlp-1.0.17.cl170220170523-1818)
If you are using annotations (JAXRS + Swagger v2), please note that you can only reference security definitions from within your annotated code - to actually declare them you will have to use a Swagger v2 stub document (inside META-INF/stub).
Check this sample.
In there we declare the security definition in the stub and then reference it from the annotation.
This is due to a limitation in the Swagger v2 annotation library that doesn't allow for security declarations from within annotations. This is something we're working to fix for OpenAPI v3.
Is there a way that make Spring generate documents of all my rest APIs automatically and set it as the error page?
Spring REST Docs is the tool to help you to produce documentation for your RESTful services that is accurate and readable.
An alternative is swagger, with the swagger annotion, it is eaiser to integrate with existing RESTful services and generated the swagger UI page.
Then customize the spring boot error page