Authentication¶
Inputs which carry authentication data wrap another input can be marked as such by declaring them using members of the
auth
object. Apart from predefined codecs for some authentication methods, such inputs will be treated differently]
when generating documentation. Otherwise, they behave as normal inputs which map to the the given type.
Currently, the following authentication inputs are available (assuming import tapir._
):
auth.apiKey(anotherInput)
: wraps any other input and designates it as an api key. The input is typically a header, cookie or a query parameterauth.basic: EndpointInput[UsernamePassword]
: maps to the base64-encoded username/password pair in theAuthorization
headerauth.bearer: EndpointInput[String]
: maps toBearer [token]
in theAuthorization
header
Multiple authentication inputs indicate that all of the given authentication values should be provided. Specifying alternative authentication methods (where only one value out of many needs to be provided) is currently not supported.
When interpreting a route as a server, it is useful to define the authentication input first, to be able to share the authentication logic among multiple endpoints easily. See common server options for more details.
Next¶
Read on a summary on implicits for custom types.