You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Allows the definition of a security scheme that can be used by the operations.
3346
+
Defines a security scheme that can be used by the operations.
3347
3347
Supported schemes are HTTP authentication, an API key (either as a header or as a query parameter) and OAuth2's common flows (implicit, password, application and access code).
3348
3348
3349
3349
##### Fixed Fields
@@ -3513,7 +3513,7 @@ The name used for each property MUST correspond to a security scheme declared in
3513
3513
Security Requirement Objects that contain multiple schemes require that all schemes MUST be satisfied for a request to be authorized.
3514
3514
This enables support for scenarios where multiple query parameters or HTTP headers are required to convey security information.
3515
3515
3516
-
When a list of Security Requirement Objects is defined on the [Open API object](#oasObject) or [Operation Object](#operationObject), only one of Security Requirement Objects in the list needs to be satisfied to authorize.
3516
+
When a list of Security Requirement Objects is defined on the [Open API object](#oasObject) or [Operation Object](#operationObject), only one of Security Requirement Objects in the list needs to be satisfied to authorize the request.
3517
3517
3518
3518
##### Patterned Fields
3519
3519
@@ -3566,15 +3566,15 @@ The extensions may or may not be supported by the available tooling, but those m
Some objects in the OpenAPI Specification MAY be declared and remain empty, or completely be removed, even though they are inherently the core of the API documentation.
3569
+
Some objects in the OpenAPI Specification MAY be declared and remain empty, or be completely removed, even though they are inherently the core of the API documentation.
3570
3570
3571
-
The reasoning behind it is to allow an additional layer of access control over the documentation itself.
3571
+
The reasoning is to allow an additional layer of access control over the documentation.
3572
3572
While not part of the specification itself, certain libraries MAY choose to allow access to parts of the documentation based on some form of authentication/authorization.
3573
3573
3574
-
Two examples for this:
3574
+
Two examples of this:
3575
3575
3576
3576
1. The [Paths Object](#pathsObject) MAY be empty. It may be counterintuitive, but this may tell the viewer that they got to the right place, but can't access any documentation. They'd still have access to the [Info Object](#infoObject) which may contain additional information regarding authentication.
3577
-
2. The [Path Item Object](#pathItemObject) MAY be empty. In this case, the viewer will be aware that the path exists, but will not be able to see any of its operations or parameters. This is different than hiding the path itself from the [Paths Object](#pathsObject) so the user will not be aware of its existence. This allows the documentation provider a finer control over what the viewer can see.
3577
+
2. The [Path Item Object](#pathItemObject) MAY be empty. In this case, the viewer will be aware that the path exists, but will not be able to see any of its operations or parameters. This is different than hiding the path itself from the [Paths Object](#pathsObject), so the user will not be aware of its existence. This allows the documentation provider a finer control over what the viewer can see.
3578
3578
3579
3579
## <a name="revisionHistory"></a>Appendix A: Revision History
0 commit comments