From 559358670bb3632e2ee46b2b11107b17051d3f39 Mon Sep 17 00:00:00 2001 From: Bhaswati Roy Date: Thu, 23 Nov 2023 13:12:42 +0530 Subject: [PATCH] added objects under security in v3 --- .../docs/concepts/asyncapi-document/securing-operations.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/pages/docs/concepts/asyncapi-document/securing-operations.md b/pages/docs/concepts/asyncapi-document/securing-operations.md index d0cabc8f352..3a33785518c 100644 --- a/pages/docs/concepts/asyncapi-document/securing-operations.md +++ b/pages/docs/concepts/asyncapi-document/securing-operations.md @@ -10,7 +10,6 @@ The concept of server security implies that the security measures defined at the The security requirements specified at the server level are enforced consistently across the entire Asyncapi document. There may be situations where certain operations within specific channels require different security measures than the default server-level settings. - To accommodate such scenarios, the AsyncAPI document allows you to use the `security` property at the `operation` level. This means users can define security requirements at both the global level and the operation (endpoint) level. - By using the `security` property at the `operation` level, the user can override the default server-level security and define unique security requirements for individual operations. This also gives the flexibility to tailor the security measures to the specific needs of each operation, even if they differ from the broader server-level settings. ```yaml channels: @@ -50,6 +49,12 @@ operations: - 'subscribe:auth_revocations' ``` +The `security` field comprises of 2 parts - + +- Security scheme object = This portion mentions the security schemes associated with the given operation. One of the security scheme objects must be satisfied to authorize an operation. + +- Reference object = This portion references a definition by linking to somewhere else in the document using the `$ref:` keyword. + ## Specifying Security Requirement To specify different security requirements for a specific operation, you can include the `security` property within the operation's definition.