https://github.com/jzills/swaggeruiauthorization

Control access to SwaggerUI, ensuring that only authenticated users with appropriate permissions can view documentation their roles have access to. This package leverages ASP.NET Core authentication and authorization mechanisms, aligning with the rules already established within your application.
https://github.com/jzills/swaggeruiauthorization

authorization authorization-middleware swagger swagger-ui swashbuckle swashbuckleaspnetcore

Last synced: 10 months ago
JSON representation

Control access to SwaggerUI, ensuring that only authenticated users with appropriate permissions can view documentation their roles have access to. This package leverages ASP.NET Core authentication and authorization mechanisms, aligning with the rules already established within your application.

• Host: GitHub
• URL: https://github.com/jzills/swaggeruiauthorization
• Owner: jzills
• License: mit
• Created: 2023-05-24T22:32:23.000Z (about 3 years ago)
• Default Branch: main
• Last Pushed: 2024-11-20T03:13:00.000Z (over 1 year ago)
• Last Synced: 2025-07-28T11:26:32.493Z (11 months ago)
• Topics: authorization, authorization-middleware, swagger, swagger-ui, swashbuckle, swashbuckleaspnetcore
• Language: C#
• Homepage:
• Size: 85 KB
• Stars: 1
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          

# SwaggerUIAuthorization

[![NuGet Version](https://img.shields.io/nuget/v/SwaggerUIAuthorization.svg)](https://www.nuget.org/packages/SwaggerUIAuthorization/) [![NuGet Downloads](https://img.shields.io/nuget/dt/SwaggerUIAuthorization.svg)](https://www.nuget.org/packages/SwaggerUIAuthorization/)

## Summary

If your API endpoints require authentication and authorization, it makes sense to integrate those rules into your Swagger documentation. With the `SwaggerUIAuthorization` package, you can seamlessly control access to SwaggerUI, ensuring that only authenticated users with appropriate permissions can view documentation their roles have access to. This package leverages .NET's authentication and authorization mechanisms, aligning with the rules already established within your application.

## Features

- Authentication and authorization dependent rendering of swagger documentation

- The same rules that .NET has defined for an `AuthorizeAttribute` applies

    - Comma separated roles are evaluated on an OR basis

    - Multiple `AuthorizeAttribute`'s are evaluated on an AND basis

    - An `AllowAnonymousAttribute` bypasses all authorization

## Limitations

The schema displayed at the bottom of an api using SwaggerUI is force hidden internally using the following code:

    

    options.DefaultModelsExpandDepth(-1);

## Installation

`SwaggerUIAuthorization` is available on [NuGet](https://www.nuget.org/packages/SwaggerUIAuthorization/). 

    dotnet add package SwaggerUIAuthorization

## Docs

[SwaggerUIAuthorization](src/README.md)

## Examples

[WebApiWithCustomLogin](samples/WebApiWithCustomLogin/README.md) \

[WebApiWithMicrosoftIdentity](samples/WebApiWithMicrosoftIdentity/README.md)