How to get Swagger to send api_key in Header and in request URL?

Question

I am able to either get the api key to be represented as a header or as a tag on the end of the url, but I am needing it to be both. Is there anyway for this to be possible?

Answer 1

Define both the header and the query parameter in the securityDefinitions section (in OpenAPI 2.0) or the components/securitySchemes section (in OpenAPI 3.0) of your API definition:

# swagger: '2.0'

securityDefinitions:
  apiKeyHeader:
    type: apiKey
    in: header
    name: X-EGEN-AccessTokenID
  apiKeyQueryParam:
    type: apiKey
    in: query
    name: api_key   # replace with your query param name

Then, if you need both the header and query param be passed in the same request:

security:
  - apiKeyHeader: []
    apiKeyQueryParam: []

Or if either the header or query param should be used, but not both:

security:
  - apiKeyHeader: []
  - apiKeyQueryParam: []

More info here: http://swagger.io/docs/specification/authentication/api-keys/

In Swagger UI, when you click "Authorize", you will be enter the values for both the header and the query parameter.

Answer 2

window.swaggerUi.api.clientAuthorizations.add(swashbuckleConfig.apiKeyName, new SwaggerClient.ApiKeyAuthorization(swashbuckleConfig.apiKeyName, key, "header"));
      window.swaggerUi.api.clientAuthorizations.add(swashbuckleConfig.apiKeyName + " query", new SwaggerClient.ApiKeyAuthorization(swashbuckleConfig.apiKeyName, key, "query"));