io.swagger.v3.oas.annotations.security

Annotation Type SecurityScheme

@Target(value={TYPE,ANNOTATION_TYPE})
 @Retention(value=RUNTIME)
 @Repeatable(value=SecuritySchemes.class)
 @Inherited
public @interface SecurityScheme

The annotation may be used at class level (also on multiple classes) to add securitySchemes to spec components section.

See Also:

Security Scheme (OpenAPI specification), Components (OpenAPI specification)

Required Element Summary

Required Elements

Modifier and Type	Required Element and Description
SecuritySchemeType	type The type of the security scheme.

Optional Element Summary

Optional Elements

Modifier and Type	Optional Element and Description
String	bearerFormat A hint to the client to identify how the bearer token is formatted.
String	description A short description for security scheme.
Extension[]	extensions The list of optional extensions
OAuthFlows	flows Required.
SecuritySchemeIn	in The location of the API key.
String	name The name identifying this security scheme
String	openIdConnectUrl Required.
String	paramName The name of the header or query parameter to be used.
String	ref A reference to a SecurityScheme defined in components securitySchemes.
String	scheme The name of the HTTP Authorization scheme to be used in the Authorization header as defined in RFC 7235.

Element Detail

type

public abstract SecuritySchemeType type

The type of the security scheme. Valid values are "apiKey", "http", "oauth2", "openIdConnect".

Returns:

String type

name

public abstract String name

The name identifying this security scheme

Returns:

String name

Default:

""

description

public abstract String description

A short description for security scheme. CommonMark syntax can be used for rich text representation.

Returns:

String description

Default:

""

paramName

public abstract String paramName

The name of the header or query parameter to be used. Applies to apiKey type. Maps to "name" property of Security Scheme (OpenAPI specification)

Returns:

String paramName

Default:

""

in

public abstract SecuritySchemeIn in

The location of the API key. Valid values are "query" or "header". Applies to apiKey type.

Returns:

String in

Default:

io.swagger.v3.oas.annotations.enums.SecuritySchemeIn.DEFAULT

scheme

public abstract String scheme

The name of the HTTP Authorization scheme to be used in the Authorization header as defined in RFC 7235. Applies to http type.

Returns:

String scheme

Default:

""

bearerFormat

public abstract String bearerFormat

A hint to the client to identify how the bearer token is formatted. Bearer tokens are usually generated by an authorization server, so this information is primarily for documentation purposes. Applies to http ("bearer") type.

Returns:

String bearerFormat

Default:

""

flows

public abstract OAuthFlows flows

Required. An object containing configuration information for the flow types supported. Applies to oauth2 type.

Returns:

OAuthFlows flows

Default:

@io.swagger.v3.oas.annotations.security.OAuthFlows

openIdConnectUrl

public abstract String openIdConnectUrl

Required. OpenId Connect URL to discover OAuth2 configuration values. This MUST be in the form of a URL. Applies to openIdConnect.

Returns:

String openIdConnectUrl

Default:

""

extensions

public abstract Extension[] extensions

The list of optional extensions

Returns:

an optional array of extensions

Default:

{}

ref

public abstract String ref

A reference to a SecurityScheme defined in components securitySchemes.

Returns:

the reference

Since:

2.0.3

Default:

""