Black Friday 2022 Offers 30% discount in Symfony, Twig and Sylius certifications (offer ends tomorrow)

Security

Edit this page

Security

A default security policy can be added in nelmio_api_doc.documentation.security

1
2
3
4
5
6
7
8
9
10
11
12
13
nelmio_api_doc:
    documentation:
        components:
            securitySchemes:
                Bearer:
                    type: http
                    scheme: bearer
                ApiKeyAuth:
                    type: apiKey
                    in: header
                    name: X-API-Key
        security:
            Bearer: []

This will add the Bearer security policy to all registered paths.

Overriding Specific Paths

The security policy can be overridden for a path using the @Security annotation.

1
2
3
/**
 * @Security(name="ApiKeyAuth")
 */

Notice at the bottom of the docblock is a @Security annotation with a name of `ApiKeyAuth`. This will override the global security policy to only accept the ApiKeyAuth policy for this path.

You can also completely remove security from a path by providing @Security with a name of null.

1
2
3
/**
 * @Security(name=null)
 */
This work, including the code samples, is licensed under a Creative Commons BY-SA 3.0 license.