Skip to content

[API] Add Swagger UI authorization header support #9110

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
liranbg merged 3 commits into from
Dec 23, 2025
Merged

[API] Add Swagger UI authorization header support #9110

liranbg merged 3 commits into from
Dec 23, 2025

Conversation

@liranbg
Copy link
Member

@liranbg liranbg commented Dec 23, 2025
edited
Loading

πŸ“ Description

This change improves the usability of the API documentation by facilitating token-based authentication for users.

πŸ› οΈ Changes Made

Added _add_swagger_authorization method which modifies the OpenAPI schema to include a security scheme for the "Authorization" header, making it available globally in the Swagger UI.

βœ… Checklist

  • I updated the documentation (if applicable)
  • I have tested the changes in this PR
  • I confirmed whether my changes are covered by system tests
    • If yes, I ran all relevant system tests and ensured they passed before submitting this PR
    • I updated existing system tests and/or added new ones if needed to cover my changes
  • If I introduced a deprecation:

πŸ§ͺ Testing

Manual testings on igz3/4

πŸ”— References

  • Ticket link:
  • Design docs links:
  • External links:

🚨 Breaking Changes?

  • Yes (explain below)
  • No

πŸ”οΈ Additional Notes

Screenshot 2025-12-23 at 11 03 59 Screenshot 2025-12-23 at 11 04 22

@liranbg
Add Swagger UI authorization header support
9bc4577 
This commit introduces a new method to enhance the Swagger UI by allowing users to add a custom authorization header.
@liranbg
zz
310fca1
@liranbg liranbg requested review from a team and quaark as code owners December 23, 2025 09:05
TomerShor
TomerShor reviewed Dec 23, 2025
View reviewed changes
server/py/framework/service/__init__.py
Comment on lines +186 to +191
openapi_schema["components"]["securitySchemes"]["Authorization"] = {
"type": "apiKey",
"in": "header",
"name": "Authorization",
"description": "Enter your authorization header token. Example: Bearer <token>",
}
Copy link
Member

@TomerShor TomerShor Dec 23, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

While this will work, OpenAPI has a specific bearer security schema type. see https://swagger.io/docs/specification/v3_0/authentication/bearer-authentication/

Copy link
Member Author

@liranbg liranbg Dec 23, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yes, but mlrun supports basic auth as well, and etc. so .. kept this one generic enough

@liranbg liranbg merged commit edee8dc into mlrun:development Dec 23, 2025
13 checks passed
@liranbg liranbg deleted the swagger-with-authz branch December 23, 2025 12:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@TomerShor TomerShor TomerShor approved these changes

@quaark quaark Awaiting requested review from quaark quaark is a code owner

Assignees

No one assigned

Labels

area/framework area/server

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@liranbg @TomerShor