security in openapi.yaml now needs to be under the method

[bshaffer]

The following in openapi.yaml does not have effect anymore:

# This section requires all requests to any path to require an API key.
security:
- api_key: []

Instead it needs to be moved under the method (like in the python sample):

paths:
  "/echo":
    post:
      description: "Echo back a given message."
      operationId: "echo"
      produces:
      - "application/json"
      responses:
        200:
          description: "Echo"
          schema:
            $ref: "#/definitions/echoMessage"
      parameters:
      - description: "Message to echo"
        in: body
        name: message
        required: true
        schema:
          $ref: "#/definitions/echoMessage"
      security:
      - api_key: []

see endpoints docs for more info.

[fhinkel]

Thanks. Looking at the docs, looks like top level is the place to be. Closing this. Please reopen if closed in error Thanks!