API Designer not generating SecuritySchema Header in Request

šŸ™‹ Help
1

Hello,

I have defined an API spec using API Designer. I specified a securitySchema and applied it to the endpoint. When I generate a collection, the request does not have a header of ā€˜Authorizationā€™ that I expected.

What I am desiring to happen, is when I generate a collection, I want a request to have a Header key of ā€œAuthorizationā€ and a Header value of "{{ACCESS_TOKEN}}. I am seeing a header key of ā€˜Authorizationā€™ generated in the request but with no value.

Is there something I need to do differently to make this happen? I figured the securitySchema way was the right way. The security schema defined below is what is generated when I import an OpenAPI 3.0 spec from AWS API Gateway with this header set.

paths:
  /sample:
    get:
      summary: Sample
      operationId: sample
      security:
        - authorizer: []
...
components:
...
securitySchemes:
  authorizer:
    type: "apiKey"
    name: "Authorization"
    in: "header"
    x-amazon-apigateway-authtype: "custom"

The corresponding request generated has the following in the Header.

image
image797Ɨ131 2.41 KB

When validating API spec using API Designer to the generated collection without modification, I get the following suggested changes.The ā€˜Authorizationā€™ header generated from spec is now indicating that the collection shouldnā€™t have the header ā€˜Authorizationā€™ anymore. Seems this feature is not consistent.

image
image700Ɨ204 4.62 KB

Thank you

2

I am no expert into this, but it looks to me that your configuration is not valid.

It should be

name: x-amazon-apigateway-authtype

not

x-amazon-apigateway-authtype: "custom"

3

Thank you vdespa for your response. There already exists a ā€˜nameā€™ attribute with value ā€˜Authorizationā€™.

If I change the line you indicate, I get a yaml parsing error as there are two ā€˜nameā€™ attributes.

securitySchemes:
  authorizer:
    type: "apiKey"
    name: "Authorization"
    in: "header"
    name: x-amazon-apigateway-authtype

If I remove the ā€˜x-amazon-apigateway-authtype: ā€œcustomā€ā€™ line, I end up with the securitySchema defined below. I see just an Authorization header in the request generated, but validate schema doesnā€™t recognize the ā€˜Authorizationā€™ header and suggests to remove it to be in sync.

securitySchemes:
  authorizer:
    type: "apiKey"
    name: "Authorization"
    in: "header"
    x-amazon-apigateway-authtype: "custom"

image

If I remove my original ā€˜nameā€™ attribute with value ā€˜Authorizationā€™ and replace it with the ā€˜nameā€™ attribute that was suggested, I end up with the below as a header value which is not what I am needing.

securitySchemes:
  authorizer:
    type: "apiKey"
    name: x-amazon-apigateway-authtype
    in: "header"

image
image698Ɨ135 2.69 KB

4

This appears to have been resolved when I checked this morning. Bugs must be getting squashed by the dev team in relation to API Designer collection generation and schema validation.