Reputation: 847
SwaggerUI not adding ApiKey to Header with Swashbuckle (5.x)
I am using Swashbuckle.AspNetCore 5.0.0 to generate Swagger documentation for my .Net Core WebApi project, and for the most part, everything is going fine.
I have set up some simple authentication using ApiKey, and that is working good.
Where I am having problems now is getting Swagger to add an ApiKey into the header of my requests. I followed the instructions for added the ApiKey security Definition/requirement, as mentioned in these various posts:
API key in header with swashbuckle
Empty authorization header on requests for Swashbuckle.AspNetCore
How to force Swagger/Swashbuckle to append an API key?
However, the ApiKey value is never added to the Header.
This is what I have in my startup:
c.AddSecurityDefinition("ApiKey",
new OpenApiSecurityScheme
{
Description = "ApiKey must appear in header",
Type = SecuritySchemeType.ApiKey,
Name = Constants.ApiKeyHeaderName,
In = ParameterLocation.Header
});
and
c.AddSecurityRequirement(new OpenApiSecurityRequirement
{
{
new OpenApiSecurityScheme
{
Name = Constants.ApiKeyHeaderName,
Type = SecuritySchemeType.ApiKey,
In = ParameterLocation.Header
},
new List<string>()}
});
Upvotes: 17
Views: 9961
Answers (3)
Reputation: 473
Important tip is name in AddSecurityDefinition must be the same as Id in OpenApiReference. name can be every string.
Upvotes: 8
Reputation: 3586
I was struggling myslef with this one but figured out that besides adding proper Reference, you have to also specify Scheme in definition, this is the code that is working for me correctly:
c.AddSecurityDefinition("ApiKey", new OpenApiSecurityScheme()
{
Name = "x-api-key",
In = ParameterLocation.Header,
Type = SecuritySchemeType.ApiKey,
Description = "Authorization by x-api-key inside request's header",
Scheme = "ApiKeyScheme"
});
var key = new OpenApiSecurityScheme()
{
Reference = new OpenApiReference
{
Type = ReferenceType.SecurityScheme,
Id = "ApiKey"
},
In = ParameterLocation.Header
};
var requirement = new OpenApiSecurityRequirement
{
{ key, new List<string>() }
};
c.AddSecurityRequirement(requirement);
Upvotes: 18
Reputation: 847
OK, I was finally able to get this to work. I needed to add an instance of OpenApiReference to the OpenApiSecurityScheme object provided to c.AddSecurityRequirement()
Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "ApiKeyAuth" }
I have to say that the documentation on this is a bit confusing. Probably not in small part due to the fact that anything posted on the internet is there forever, and so many posts that I found on this whole thing were no longer applicable due to changes in the framework :)
Now I just need to figure out how to send another header value along with the api-key, and I'll be done with this part
Upvotes: 6
Related Questions
- Swashbuckle/Swagger + ASP.Net Core: "Failed to load API definition"
- API key in header with swashbuckle
- Swashbuckle does not display the API correctly
- Swashbuckle + ASP.Net Core WebApi: Swagger Document does not include Request-Header or QueryParameter for version selection?
- Swashbuckle.AspNetCore.SwaggerGen v5 does not send the headers
- Swashbuckle Swagger Asp.Net Core Pass Api Key as Default Header Value in Request
- How to force Swagger/Swashbuckle to append an API key?
- How to add custom headers on swashbuckl asp.net core web api
- How to set multiple api Key with Swashbuckle in the request's header
- Swagger UI Not adding Header to Requests