Security type http, scheme bearer, bearerFormat JWT detected as basic?


(Jprevost) #1

I believe this syntax should work according to the OAS3 spec, but is detected as basic auth in Stoplight.

 "components": {
   "securitySchemes": {
     "jwtAuth": {
       "type": "http",
       "scheme": "bearer",
       "bearerFormat": "JWT"

(Jprevost) #2

Reference to where I got the syntax from:

(Taylor Barnett) #3

Yup! That looks like it is a bug. I’m opening up something internally for it right now.

(Brian) #4

Is there any followup on this bug? I am still running into this issue.