spec/endpoints/well-known/jwks.json/index.yaml · 6951623da77a3eed9480110ea260e69068dafb4f · FIT-Connect / Submission API

1 year ago

chore(api): redocly warns if endpoints dont have security set · 6951623d

Jonas Gröger authored 1 year ago

usually we use the OAuth2 security schema. but public endpoints
do not have this security constraint. callbacks don't authenticate
against the called endpoint.

For reference, the warning was (one example):

> Every operation should have security defined on it or on the root level.
>
> 418 | get:
>     | ^^^
> 419 |   operationId: get-destination-key
> 420 |   summary: Ruft einen JWK des Zustelldienstes ab
>
> Warning was generated by the security-defined rule.

6951623d

History

chore(api): redocly warns if endpoints dont have security set

Jonas Gröger authored 1 year ago

usually we use the OAuth2 security schema. but public endpoints
do not have this security constraint. callbacks don't authenticate
against the called endpoint.

For reference, the warning was (one example):

> Every operation should have security defined on it or on the root level.
>
> 418 | get:
>     | ^^^
> 419 |   operationId: get-destination-key
> 420 |   summary: Ruft einen JWK des Zustelldienstes ab
>
> Warning was generated by the security-defined rule.