Security

Edit this page

A default security policy can be added in nelmio_api_doc.documentation.security

1
2
3
4
5
6
7
8
9
10
11
12
13
nelmio_api_doc:
    documentation:
        components:
            securitySchemes:
                Bearer:
                    type: http
                    scheme: bearer
                ApiKeyAuth:
                    type: apiKey
                    in: header
                    name: X-API-Key
        security:
            - Bearer: []

This will add the Bearer security policy to all registered paths.

Overriding Specific Paths

The security policy can be overridden for a path using the Security attribute/annotation.

1
2
3
/**
 * @Security(name="ApiKeyAuth")
 */

Notice at the bottom of the docblock is a Security attribute/annotation with a name of `ApiKeyAuth`. This will override the global security policy to only accept the ApiKeyAuth policy for this path.

You can also completely remove security from a path by providing Security with a name of null.

1
2
3
/**
 * @Security(name=null)
 */
This work, including the code samples, is licensed under a Creative Commons BY-SA 3.0 license.
TOC
    Version