Skip to content

Persist authorization data across browser close/refresh for OpenAPI Swagger UI #4314

Closed
@nlykkei

Description

@nlykkei
Contributor

Use case

Currently, each time the user refreshes the Swagger UI or closes the browser, the authorization data, e.g. OAuth 2.0 tokens, is lost, which forces the user to re-authenticate to call APIs.

While one may argue that transient authorization data is more secure, it's not a great user experience. Many web applications persist short-lived tokens.

The persistAuthorization option to Swagger UI persists the authorization data in local storage, so it remains across browser close/refresh:

https://swagger.io/docs/open-source-tools/swagger-ui/usage/configuration/#:~:text=persistAuthorization

Solution/User Experience

Provide an extra argument persist_authorization to enable_swagger()

Alternative solutions

No response

Acknowledgment

  • This feature request meets Powertools for AWS Lambda (Python) Tenets
    Should this be considered in other Powertools for AWS Lambda languages? i.e. Java, TypeScript, and .NET

Activity

leandrodamascena

leandrodamascena commented on May 12, 2024

@leandrodamascena
Contributor

Thanks for opening this! Working to merge the PR

github-actions

github-actions commented on May 12, 2024

@github-actions
Contributor

⚠️COMMENT VISIBILITY WARNING⚠️

This issue is now closed. Please be mindful that future comments are hard for our team to see.

If you need more assistance, please either tag a team member or open a new issue that references this one.

If you wish to keep having a conversation with other community members under this issue feel free to do so.

moved this from Coming soon to Shipped in Powertools for AWS Lambda (Python)on Jun 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Type

No type

Projects

Status

Shipped

Milestone

No milestone

Relationships

None yet

    Participants

    @leandrodamascena@nlykkei

    Issue actions

      Persist authorization data across browser close/refresh for OpenAPI Swagger UI · Issue #4314 · aws-powertools/powertools-lambda-python