Reputation: 20179
Swashbuckle Swagger Asp.Net Core Pass Api Key as Default Header Value in Request
I have basic Api that accepts a default header value for my-api-key and the corresponding value.
I'm trying to get the Swagger UI to allow me to enter the header one time for Authorization and have the key/value passed along with every request.
So far, I've only been successful with explicitly adding the header as a parameter to every endpoint, but that isn't ideal.
Relevant code snippets:
services.AddApiVersioning(
options =>
{
// reporting api versions will return the headers "api-supported-versions" and "api-deprecated-versions"
options.ReportApiVersions = true;
});
services.AddVersionedApiExplorer(
options =>
{
// add the versioned api explorer, which also adds IApiVersionDescriptionProvider service
// note: the specified format code will format the version as "'v'major[.minor][-status]"
options.GroupNameFormat = "'v'VVV";
// note: this option is only necessary when versioning by url segment. the SubstitutionFormat
// can also be used to control the format of the API version in route templates
options.SubstituteApiVersionInUrl = true;
});
services.AddSwaggerGen(c =>
{
c.SwaggerDoc("v1", new OpenApiInfo { Title = "Api", Version = "v1" });
c.SwaggerDoc("v2", new OpenApiInfo { Title = "Api", Version = "v2" });
// this isn't ideal as I have to fill in the Api Key on ever request
//c.OperationFilter<ApiKeySwaggerFilter>();
c.AddSecurityDefinition("ApiKey", new OpenApiSecurityScheme
{
Type = SecuritySchemeType.ApiKey,
Name = "my-api-key",
In = ParameterLocation.Header
});
c.AddSecurityRequirement(new OpenApiSecurityRequirement
{
{ new OpenApiSecurityScheme()
{
// Type = SecuritySchemeType.ApiKey,
Name = ""
//In = ParameterLocation.Header
//Reference = new OpenApiReference()
//{
// Id = "myToken",
// Type = ReferenceType.SecurityScheme
//},
}, new string[] { }
}
});
});
app.UseSwagger();
app.UseSwaggerUI(c =>
{
c.SwaggerEndpoint("/swagger/v1/swagger.json", "Api v1");
c.SwaggerEndpoint("/swagger/v2/swagger.json", "Api v2");
});
Corresponding image of where I'm at:
Corresponding minimal spike: https://github.com/aherrick/SwaggerSample
I feel this is close, but how do I get the Api Header to get passed on every request, without having to force the user to fill in parameter on every method request.
Upvotes: 5
Views: 3703
Answers (1)
Reputation: 20179
Figured it out with the following section update:
c.AddSecurityDefinition("ApiKey", new OpenApiSecurityScheme
{
Description = "Enter your Api Key below:",
Name = "my-api-key",
In = ParameterLocation.Header,
Type = SecuritySchemeType.ApiKey
});
c.AddSecurityRequirement(new OpenApiSecurityRequirement()
{
{
new OpenApiSecurityScheme
{
Reference = new OpenApiReference
{
Type = ReferenceType.SecurityScheme,
Id = "ApiKey"
},
},
new List<string>()
}
});
Upvotes: 11
Related Questions
- API key in header with swashbuckle
- Swagger with Multiple API Keys
- How to get Swagger to send api_key in Header and in request URL?
- Swagger UI: pass custom Authorization header
- SwaggerUI not adding ApiKey to Header with Swashbuckle (5.x)
- How to attach bearer authorization header to swagger request. Swashbuckle v 5.0.0-rc2
- How to pass custom headers while calling a web api using Swagger(Swashbuckle)
- How to set multiple api Key with Swashbuckle in the request's header
- .NET Core 2.0 Web API - How to add a custom header parameter in Swagger
- Hard Coding Api Key value in header when using a Swagger Generated Client