You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: versions/3.1.1.md
+4-2Lines changed: 4 additions & 2 deletions
Original file line number
Diff line number
Diff line change
@@ -3989,8 +3989,10 @@ The name used for each property MUST correspond to a security scheme declared in
3989
3989
A Security Requirement Object MAY refer to multiple security schemes in which case all schemes MUST be satisfied for a request to be authorized.
3990
3990
This enables support for scenarios where multiple query parameters or HTTP headers are required to convey security information.
3991
3991
3992
-
When the security field is defined on the [OpenAPI Object](#openapi-object) or [Operation Object](#operation-object) and contains multiple Security Requirement Objects, only one of the entries in the list needs to be satisfied to authorize the request.
3993
-
This enables support for scenarios where the API supports alternative security schemes, or when they are optional.
3992
+
When the `security` field is defined on the [OpenAPI Object](#openapi-object) or [Operation Object](#operation-object) and contains multiple Security Requirement Objects, only one of the entries in the list needs to be satisfied to authorize the request.
3993
+
This enables support for scenarios where the API allows multiple, independent security schemes.
3994
+
3995
+
An empty Security Requirement Object (`{}`) indicates anonymous access is supported.
0 commit comments