Security

A default security policy can be added in nelmio_api_doc.documentation.security

        1
2
3
4
5
6
7
8
9
10
11
12
13
        nelmio_api_doc:
    documentation:
        components:
            securitySchemes:
                Bearer:
                    type: http
                    scheme: bearer
                ApiKeyAuth:
                    type: apiKey
                    in: header
                    name: X-API-Key
        security:
            - Bearer: []
    

This will add the Bearer security policy to all registered paths.

Overriding Specific Paths

The security policy can be overridden for a path using the Security attribute/annotation.

        1
        #[Security(name: "ApiKeyAuth")]
    

Notice at the bottom of the docblock is a Security attribute/annotation with a name of `ApiKeyAuth`. This will override the global security policy to only accept the ApiKeyAuth policy for this path.

You can also completely remove security from a path by providing Security with a name of null.

        1
        #[Security(name: null)]
    

This work, including the code samples, is licensed under a Creative Commons BY-SA 3.0 license.

TOC

Version