OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

odata message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: [OASIS Issue Tracker] (ODATA-1145) Align Authorization vocabulary with OpenAPI V3

Michael Pizzo created ODATA-1145:

             Summary: Align Authorization vocabulary with OpenAPI V3
                 Key: ODATA-1145
                 URL: https://issues.oasis-open.org/browse/ODATA-1145
             Project: OASIS Open Data Protocol (OData) TC
          Issue Type: Bug
          Components: Vocabularies
    Affects Versions: V4.01_CS01
         Environment: [Proposed]
            Reporter: Michael Pizzo
             Fix For: V4.01_CS02

Our Authorization vocabulary was defined based on Swagger V2.

OpenAPI V3 changes slightly the way authorization is specified.  In particular, it allows defining authorization flows, and then referencing those flows with a required set of scopes for a particular operation.

OData-884 proposes adding the ability to specify the requests (and corresponding responses) associated with an entity set, singleton, etc. As part of this proposal, it makes sense to be able to associate particular flows and required scopes with those requests.  This can be done by:
1) Adding a Name to the Authorization type in order to reference a particular authorization, and
2) Adding a "SecuritySchemes" property to the HTTPRequest type that is a collection of authorization/scope requirements for invoking this particular request.

This message was sent by Atlassian JIRA

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]