I have implemented API documentation using swagger swashbukle. Now I want to publish generated documentation as a help file in my website. How to secure this link and publish?
Key findings. We discovered 13,041 Swagger APIs in 28 countries throughout Europe. Further analyses revealed that many are not properly secured, revealing hardcoded keys and user/customer information, malfunctioning login security, no use of HTTPS, and more.
Security is described using the securitySchemes and security keywords. You use securitySchemes to define all security schemes your API supports, then use security to apply specific schemes to the whole API or individual operations.
0+, you can use the preauthorizeBasic method to pre-fill the Basic auth username and password for "try it out" calls. "Try it out" will use the specified username and password, and if you click the "Authorize" button in Swagger UI, you will see that the username and masked password are pre-filled in the UI.
The major Swagger tools include: Swagger Editor – browser-based editor where you can write OpenAPI definitions. Swagger UI – renders OpenAPI definitions as interactive documentation. Swagger Codegen – generates server stubs and client libraries from an OpenAPI definition.
I don't think there's a way to secure the swagger swashbuckle endpoint up until now. You can have tips and more into this from their github issue here
This solution will only work if you have implemented authentication in your solution.
write following code in it:
<configuration>
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true" />
</system.webServer>
</configuration>
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With