It is said that "To define cookie authentication, use API keys instead." in the official documentation
https://swagger.io/docs/specification/describing-parameters/#cookie-parameters
The fact is we tried with
components:
securitySchemes:
cookieAuth:
type: apiKey
in: cookie
name: sessionId
...
security:
- cookieAuth: []
Using the above code, in Swagger UI we are able to click on the padlock to set the value of the sessionId. But when we execute the method, the value of the cookie is NULL and we don't see the cookie sent in the Headers (Chrome Developer tool)
I tried also to put that in cookie parameter like this:
parameters:
- in: cookie
name: sessionId
required: true
schema:
type: string
But there again, same result (arrive null, and nothing in the debugger tool.
We use Swagger with openApi 3.0, other parameters, requestBody is working well, but not this cookie transmission.
Thx for anything that can have an idea.
Swagger UI and Swagger Editor currently do not support sending cookies in "try it out" requests:
https://github.com/swagger-api/swagger-js/issues/1163
As the developers explain, the issue is that it's almost impossible to send arbitrary cookie data to a different origin from within the browser.
SwaggerHub supports cookie auth and cookie parameters though. SwaggerHub sends "try it out" requests from its servers rather than from your browser, which makes it possible to send requests with a user-defined Cookie
header.
Disclosure: I work for the company that makes SwaggerHub.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With