[Question]: How to document Symfony App Roles

[micter59]

Version

4.31

Question

Hello.
I'm using this bundle to generate the documentation of an API.
The API is made available through Symfony 6.4 controllers.
Authentication is made through a JW Token, and works correctly.
Even if the user of the API has a JWT, I'm checking his application roles, as not every API endpoints are available to all users.
So in Symfony's API Controller, I'm checking this with the @IsGranted('ROLE_XXX') attribute.
How could I made this appear in the documentation ?

Thanks.

Additional context

No response

[micter59]

For now, I use the #[OA\Response] to indicate this, but this is not very visible.
I looked for the Security annotation, but this seems not be usable with symfony app roles.
If you have an other idea to do this, don't hesitate to tell me.

[DjordyKoert]

Have a look at https://symfony.com/bundles/NelmioApiDocBundle/current/security.html

First define your securityScheme(s) in the bundle configuration.

Then use Nelmio's #[Security] attribute #[Security(name: "YourSchemeNameHere", scopes: ['ROLE_API'])]

[micter59]

Thanks for your answer. If I understand you well, there will be only 1 securityScheme to check the JWT token, and then the "scope" part of the #[Security] attribute will do the job for the documentation. Am I right ?

[github-actions]

This issue has been marked as stale because it has not had any activity for 60 days. Remove stale label or comment to prevent this from being closed in 21 days.