I am able to either get the api key to be represented as a header or as a tag on the end of the url, but I am needing it to be both. Is there anyway for this to be possible?
Define both the header and the query parameter in the securityDefinitions
section (in OpenAPI 2.0) or the components/securitySchemes
section (in OpenAPI 3.0) of your API definition:
# swagger: '2.0'
securityDefinitions:
apiKeyHeader:
type: apiKey
in: header
name: X-EGEN-AccessTokenID
apiKeyQueryParam:
type: apiKey
in: query
name: api_key # replace with your query param name
Then, if you need both the header and query param be passed in the same request:
security:
- apiKeyHeader: []
apiKeyQueryParam: []
Or if either the header or query param should be used, but not both:
security:
- apiKeyHeader: []
- apiKeyQueryParam: []
More info here: http://swagger.io/docs/specification/authentication/api-keys/
In Swagger UI, when you click "Authorize", you will be enter the values for both the header and the query parameter.