Is it possible to expose Swagger without an authorization key?


#1

I have a .net core web api. And it’s protected by an authorization key through Tyk. So to hit the API, you need http://foo.com/api/DoStuff?authorization=213234

The swagger is typically available via http:/foo.com/swagger/index.html. Is it possible to expose swagger without the authorization key?


#2

There are many ways in which you can achieve this. Here is one option:

Create 2 APIs.

  1. listen_path: /api - This is the api you protect with an API key
  2. listen_path: /swagger This API you configure as keyless