Security¶

Openapi-core provides you easy access to security data for authentication and authorization process.

Supported security schemas:

• http – for Basic and Bearer HTTP authentications schemes

• apiKey – for API keys and cookie authentication

Here’s an example with scheme BasicAuth and ApiKeyAuth security schemes:

security:
 - BasicAuth: []
 - ApiKeyAuth: []
components:
 securitySchemes:
   BasicAuth:
     type: http
     scheme: basic
   ApiKeyAuth:
     type: apiKey
     in: header
     name: X-API-Key

Security schemes data are accessible from security attribute of RequestUnmarshalResult object.

# get basic auth decoded credentials
result.security['BasicAuth']

# get api key
result.security['ApiKeyAuth']