(Swagger 3) @Parameter to add an Authorization header

Question

I'm not sure if this is a bug or I'm missing something but Swagger is not adding the "Authorization: .." header when executing a request

I have this un-authenticated endpoint

public String getUserFromAuth(
            @Parameter(description = "Bearer token", required = true, name = "Authorization", in = ParameterIn.HEADER) @HeaderParam("Authorization") String authHeader
    ) {...}

When executing this request on Swagger the header is not added.

However if I change name = "Authorization" to `name = "Authorization2" then in that case yes the Authorization2 header is added.

the swagger json config looks fine:

"parameters": [
          {
            "name": "Authorization",
            "in": "header",
            "description": "Bearer token",
            "required": true,
            "schema": {
              "type": "string"
            }
          }
        ],

To simplify the issue I have removed all together the security config so there is no confusion

Swagger-core: 2.1.13 Swgger-ui: 4.5.0

score 1 · Answer 1 · answered Mar 16 '22 at 17:50

Reading a little more carefully the doc

Note: Header parameters named Accept, Content-Type and Authorization are not allowed. To describe these headers, use the corresponding OpenAPI keywords:

https://swagger.io/docs/specification/describing-parameters/#header-parameters

This doesn't make sense to me but well..

(Swagger 3) @Parameter to add an Authorization header

1 Answers1