Description
Content & configuration
I have couple of swagger API with ASP.NET Core 3.1 that are meant only for internal dev or internal users. For e.g. They have API that create and manage VMs.
I do not want any external user to see the API or explore them. Currently I have the OAuth 2.0 Authorization Code Workflow setup that will authenticate our internal users but still any external user can open the URL look at the APIs and syntax.
I would like to see a feature in swagger-ui that will force the OAuth authentication for e.g. show Authorize window automatically when the swagger ui is loaded and disallow user closing the Authorize Window till user is authorized.
This feature will be useful for all private and internal APIs.
Describe the solution you'd like
As an example... I would like to see two configuration properties
app.UseSwaggerUI(c =>
{
// This will automatically show the Authorize window as soon as the swagger-ui page is loaded
c.AuthorizeOnLoad = true;
// This will ensure that user cannot close the Authorize window untill he is authenticated by server.
c.DisableCancelOnAuthorize = true;
}