-
-
Notifications
You must be signed in to change notification settings - Fork 1
Authentication schemes
Ieuan Walker edited this page Dec 3, 2025
·
2 revisions
This extension method automatically documents all registered authentication schemes into your OpenAPI specification. It supports Bearer tokens, Basic auth, API Keys, OAuth2, OpenID Connect, and custom schemes.
Because it adds the authentication schemes to the OpenAPI JSON document, it allows Scalar to display the authentication options.
The simplest way to add security scheme documentation:
builder.Services.AddAuthentication(...)
.AddBearer(...)
.AddBasic(...);
builder.Services.AddOpenApi(options =>
{
options.AddAuthenticationSchemes();
});That's it! All your registered authentication schemes will now appear in the OpenAPI documentation.
builder.Services.AddOpenApi(options =>
{
options.AddAuthenticationSchemes(o =>
{
// Customize Bearer token format
o.BearerFormat = "My Custom JWT Format";
// Customize API key header name
o.ApiKeyHeaderName = "X-Custom-API-Key";
// Configure OAuth2
o.OAuth2AuthorizationUrl = new Uri("https://auth.example.com/oauth/authorize");
o.OAuth2Scopes = new Dictionary<string, string>
{
{ "read:users", "Read user data" },
{ "write:users", "Write user data" },
{ "admin", "Admin access" }
};
// Configure OpenID Connect
o.OpenIdConnectUrl = new Uri("https://auth.example.com/.well-known/openid-configuration");
});
});Getting Started
Endpoints
- Endpoint interfaces
- HTTP verbs
- Request binding
- Grouping
- Returning multiple different responses
- Dependency injection
Validation
- Setup
- Data annotations
- Fluent validation
- Disabling validation
- Manually return BadRequest with validation errors
Output Caching
OpenAPI & Documentation