Author - @PriyaGupta
Overview
The OpenAPI Specification 3.0.x provides a security object that defines the security schemes for operations. Following are the supported security schemes for OpenAPI 3.0.x:
- HTTP authentication
- API key
- OAuth2 (implicit, password, client credentials, and authorization code)
- OpenID Connect Discovery
Integration Server supports the following authentication mechanisms from the OpenAPI Specification version 3.0.x:
- HTTP authentications: Basic, Bearer, and Digest
- OAuth 2.0 flows: Authorization Code, Implicit, Resource Owner Password Credentials or Password, and Client Credentials
The API key and the OpenID Connect Discovery security schemes are not supported by the provider REST API Descriptor (RAD).
This tutorial explains how the provider RAD that uses the OpenAPI document 3.0.x displays the security schemes.
Prerequisites
Ensure that the following are available:
- Integration Server that processes the REST API request.
- An integration developer implementing the business logic in the service.
Use Cases
Visit the Original post in the Software AG Tech Community to find 5 Use Cases on how the provider RAD displays different security schemes.