Skip to content

API Key authentication should allow scopes to be defined. #1366

@jakeswenson

Description

@jakeswenson

Today the scopes field on a security definition is only allowed on type=oauth
What is the reason to not allow scopes to be defined at an api key level?

For a good example of APIs that allow auth tokens to have scopes see GitHub's personal access tokens (https://github.com/settings/tokens/new)

Why can't I define an API and describe what scopes each endpoint needs/allows?

Metadata

Metadata

Assignees

No one assigned

    Labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions