You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
guptasu opened this issue
Sep 10, 2015
· 2 comments
Labels
clarificationrequests to clarify, but not change, part of the specsecurity: configThe mechanics of severs and structure of security-related objectssecurity
Reading security field in Swagger object, I interpret it as there is a logical OR between the security requirement objects.
Then reading security requirement object, I interpret it as, it is an object with multiple fields (which reference to schemas defined security schema definition) and there is a logical AND between them.
Is my understanding right ?
clarificationrequests to clarify, but not change, part of the specsecurity: configThe mechanics of severs and structure of security-related objectssecurity
Reading security field in Swagger object, I interpret it as there is a logical OR between the security requirement objects.
Then reading security requirement object, I interpret it as, it is an object with multiple fields (which reference to schemas defined security schema definition) and there is a logical AND between them.
Is my understanding right ?
For example:
would mean required authentication for the operation is either
(petstore_advance_auth) OR (petstore_auth AND api_key)
Is my understanding correct, if so an example for that in the spec would be really helpful.
If I am not right, then what is the recommended way to specify if an operation needs 2 auth and both are required, else its treated as unauthorized.
The text was updated successfully, but these errors were encountered: