From 470edb5e95ccb6ce0d87be90f5a8ed0deff2defd Mon Sep 17 00:00:00 2001 From: Jordon Phillips Date: Mon, 3 Apr 2023 17:53:20 +0200 Subject: [PATCH] Clairfy api key auth's scheme --- docs/source-2.0/spec/authentication-traits.rst | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/docs/source-2.0/spec/authentication-traits.rst b/docs/source-2.0/spec/authentication-traits.rst index 12c7b3b5014..44cfa979d60 100644 --- a/docs/source-2.0/spec/authentication-traits.rst +++ b/docs/source-2.0/spec/authentication-traits.rst @@ -182,8 +182,10 @@ properties: This value can be set to ``header`` or ``query``. * - scheme - ``string`` - - Defines the security scheme to use on the ``Authorization`` header value - This can only be set if the "in" property is set to ``header``. + - Defines the scheme to use on the ``Authorization`` header value. As + defined in :rfc:`9110#section-11.4`. This scheme SHOULD be one of the + schemes defined in the `IANA Authentication Scheme Registry`_. This can + only be set if the "in" property is set to ``header``. The following example defines a service that accepts an API key in the "X-Api-Key" HTTP header: @@ -367,3 +369,6 @@ authentication scheme trait that is not applied to the service: @auth([httpBasicAuth]) // <-- Invalid! operation OperationA {} + + +.. _IANA Authentication Scheme Registry: https://www.iana.org/assignments/http-authschemes