Annotation Interface SecurityScheme


Defines a security scheme that can be used by the operations. Supported schemes are HTTP authentication, an API key (either as a header or as a query parameter), OAuth2's common flows (implicit, password, application and access code) as defined in RFC6749, and OpenID Connect Discovery.
See Also:
  • "https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.0.md#security-scheme-object"
  • Element Details

    • securitySchemeName

      String securitySchemeName
      The name of this SecurityScheme. Used as the key to add this security scheme to the 'securitySchemes' map under Components object.

      It is a REQUIRED property unless this is only a reference to a security scheme instance.

      Returns:
      the name of this SecurityScheme instance
      Default:
      ""
    • type

      The type of the security scheme. Valid values are defined by SecuritySchemeType enum. Ignored when empty string.

      Type is a REQUIRED property unless this is only a reference to a SecuirtyScheme instance.

      Returns:
      the type of this SecuirtyScheme instance
      Default:
      DEFAULT
    • description

      String description
      A short description for security scheme. CommonMark syntax can be used for rich text representation.
      Returns:
      description of this SecurityScheme instance
      Default:
      ""
    • apiKeyName

      String apiKeyName
      Applies to and is REQUIRED for SecurityScheme of apiKey type.

      The name of the header, query or cookie parameter to be used.

      Returns:
      the name of this apiKey type SecurityScheme instance
      Default:
      ""
    • in

      Applies to and is REQUIRED for SecurityScheme of apiKey type.

      The location of the API key. Valid values are defined by SecuritySchemeIn enum. Ignored when empty string.

      Returns:
      the location of the API key
      Default:
      DEFAULT
    • scheme

      String scheme
      Applies to and is REQUIRED for SecurityScheme of http type.

      The name of the HTTP Authorization scheme to be used in the Authorization header as defined in RFC 7235.

      Returns:
      the name of the HTTP Authorization scheme
      Default:
      ""
    • bearerFormat

      String bearerFormat
      Applies to http ("bearer") type.

      A hint to the client to identify how the bearer token is formatted. Bearer tokens are usually generated by an authorization server, so this information is primarily for documentation purposes.

      Returns:
      the format of the bearer token
      Default:
      ""
    • flows

      OAuthFlows flows
      Applies to and is REQUIRED for SecurityScheme of oauth2 type.

      An object containing configuration information for the flow types supported.

      Returns:
      flow types supported by this SecurityScheme instance
      Default:
      @org.eclipse.microprofile.openapi.annotations.security.OAuthFlows
    • openIdConnectUrl

      String openIdConnectUrl
      Applies to and is REQUIRED for SecurityScheme of openIdConnect type.

      OpenId Connect URL to discover OAuth2 configuration values. This MUST be in the form of a URL.

      Returns:
      URL where OAuth2 configuration values are stored
      Default:
      ""
    • ref

      String ref
      Reference value to a SecurityScheme object.

      This property provides a reference to an object defined elsewhere. This property and all other properties are mutually exclusive. If other properties are defined in addition to the ref property then the result is undefined.

      Returns:
      reference to a security scheme
      Default:
      ""
    • extensions

      Extension[] extensions
      List of extensions to be added to the SecurityScheme model corresponding to the containing annotation.
      Returns:
      array of extensions
      Since:
      3.1
      Default:
      {}