securityDefinitions in OpenAPI/Swagger 2.0 files allow you to define the authentication types that your API supports. Having no authentication exposes your APIs to attacks and having no documented authentication type makes it more difficult to understand accessing your API.
Ensure that your OpenAPI 2.0 spec includes a securityDefinitions section. For example:
securityDefinitions: BasicAuth: type: basic ApiKeyAuth: type: apiKey in: header name: apiKey OAuth2: type: oauth2 flow: implicit authorizationUrl: https://swagger.io/api/oauth/dialog tokenUrl: https://swagger.io/api/oauth/token scopes: read: read write: write
Updated 9 months ago