How to get Swagger to send API key as a http instead of in the URL

Question

I am using swagger with servicestack but I am getting a 401 unauthorised error from my /resources URL becuase it requires an API key.

Unless I'm mistaken, according to the documentation I should set supportHeaderParams to true as well as the apiKeyName and apiKey value in the JSON parameters when initializing Swagger from my html page.

I was then expecting to see my API key in the http request headers, but it is still being appended to the URL and not in the headers collection.

Here is the code that initialises Swagger in my HTML page:

 window.swaggerUi = new SwaggerUi({             discoveryUrl: "http://pathtomyservice.com/resources",                 headers: { "testheader" : "123" },                 apiKey: "123",                 apiKeyName: "Api-Key",                 dom_id:"swagger-ui-container",                 supportHeaderParams: true,                 supportedSubmitMethods: ['get', 'post', 'put', 'delete'],                 onComplete: function(swaggerApi, swaggerUi){                     if(console) {                         console.log("Loaded SwaggerUI");                         console.log(swaggerApi);                         console.log(swaggerUi);                     }                   $('pre code').each(function(i, e) {hljs.highlightBlock(e)});                 },                 onFailure: function(data) {                     if(console) {                         console.log("Unable to Load SwaggerUI");                         console.log(data);                     }                 },                 docExpansion: "none"             }); 

Unfortunately I get no headers at all, no 'Api-Key' or 'testheader'.

Answer 1

I think that it might be a bug in swagger ui.

As a workaround, I added the following in in the swagger index.html file.

$(function () {    $.ajaxSetup({        beforeSend: function (jqXHR, settings) {            jqXHR.setRequestHeader("YourApiKeyHeader", $("#input_apiKey").val());        }    }); }); 

Hope this helps,

Answer 2

In swagger-ui 2.0 or greater, this is trivial:

https://github.com/wordnik/swagger-ui#header-parameters

// add a new ApiKeyAuthorization when the api-key changes in the ui. $('#input_apiKey').change(function() {   var key = $('#input_apiKey')[0].value;   if(key && key.trim() != "") {     window.authorizations.add("key", new ApiKeyAuthorization("api_key", key, "header"));   } }) 

This is also much more extensible and supports custom authentication mechanisms.