Use Custom Authentication in RAML Conslole


#1

Unless I’m mistaken, it seems that when using the RAML console (or in the preview in the API Designer) custom authentication is not an option under “Try it.”

A few thoughts here. First, I was hoping that it would be available after defining this in my RAML file:

describedBy:
    headers:
      Authorization:
        description: Used to send a valid token. Do not use with query string parameter
        type: string
    queryParameters:
      accesskey:
        description: Used to send a valid access token. Do not use together with header.
        type: string

(I also have securedBy: at the root)

I was hoping that under “Try it” I would simple be able to enter in my access token here and the console would send it with the request. Unfortunately, it doesn’t even show up as an option.

I understand if the console doesn’t support custom authentication at all. If not, then what is the reason for including the security info in the RAML file? I would also prefer the “Try it” section being left blank or the tab not even showing up if I specify that the whole API is securedBy (this would answer my first question). Currently it is showing “Authentication Type: Anonymous” which is confusing if anonymous authentication is what I am trying to avoid by marking securedBy at the root.

Thanks.


#2

I am also looking for a way to specify a custom Authentication in RAML.
I am currently using something like this in curl:
curl https://xxx.xxx.com/a/b/c
-H “Authorization: Token MY_API_TOKEN”

I am trying to find ways of specifying this.


#3

Also stuck with api-console at this point. I believe we are looking at two issues here:

  1. [BUG?] Problem getting rid of the Anonymous tab in the API Console

    I have set securedBy at the root level and also removed all other occurences - it still offers ‘Anonymous’ tab.

  2. [FEATURE REQUEST] Have API Console support x-{other} (=custom) securitySchemes

    Right now (as far as my first peek into the codebase goes) API Console does not implement a strategy to deal with those - while it should be rather simple to support pure api-key schemes (which i’ve only seen in swagger consoles so far, or has anybody gotten this working based on a .raml-spec?)


#4

Any news about these issues?


#5

Hi all, first post here I hope it’s ok.

Im having the same issue here, but slightly different, please see this piece of code related to security:

"customAuth": 
        type: "x-custom"
        describedBy: 
            queryParameters: 
                "app_id": 
                    displayName: "app_id"
                    description: "Description of auth"
                    type: string
                    required: false
                    repeat: false
                    default: "test"
                    example: "test"

With the above code, If I paste the RAML in the console (http://api-portal.anypoint.mulesoft.com/raml/console), I can see a new option in the authentication part, near to anonymous it shows the tab “customAuth”. This is an advance, but the issue is that when I click on it, it’s empty, it should show the “app_id” query parameter. Just wanted to check if i am doing something wrong with the RAML code, because I read this post and it seems that you guys didn’t even get the custom authorization tab in the console.

Kind regards,

Alex