added objects under security in v3

asyncapi · Nov 23, 2023 · 5593586 · 5593586
1 parent 9635743
commit 5593586
Showing 1 changed file with 6 additions and 1 deletion.
diff --git a/pages/docs/concepts/asyncapi-document/securing-operations.md b/pages/docs/concepts/asyncapi-document/securing-operations.md
@@ -10,7 +10,6 @@ The concept of server security implies that the security measures defined at the
 The security requirements specified at the server level are enforced consistently across the entire Asyncapi document. There may be situations where certain operations within specific channels require different security measures than the default server-level settings. 
 
 - To accommodate such scenarios, the AsyncAPI document allows you to use the `security` property at the `operation` level. This means users can define security requirements at both the global level and the operation (endpoint) level.
-  By using the `security` property at the `operation` level, the user can override the default server-level security and define unique security requirements for individual operations. This also gives the flexibility to tailor the security measures to the specific needs of each operation, even if they differ from the broader server-level settings.
 
 ```yaml
 channels:
@@ -50,6 +49,12 @@ operations:
           - 'subscribe:auth_revocations'
 ```
 
+The `security` field comprises of 2 parts -
+
+- Security scheme object = This portion mentions the security schemes associated with the given operation. One of the security scheme objects must be satisfied to authorize an operation.
+
+- Reference object = This portion references a definition by linking to somewhere else in the document using the `$ref:` keyword.
+
 ## Specifying Security Requirement 
 
 To specify different security requirements for a specific operation, you can include the `security` property within the operation's definition.