For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
Book a demoLog inStart for free
  • Overview
    • What is an API definition?
    • Project structure
      • Overview
      • Overrides
      • Authentication
      • Servers
      • Sync your specification
Checking status...
SOC2Soc 2 Type II
© 2026 Fern • Birch Solutions, Inc., a Postman company

Documentation

SDKsDocsAsk FernCLI Reference

API Definitions

OpenAPIAsyncAPIOpenRPCgRPC

Resources

BlogSupportPricing

Company

Brand KitPrivacy PolicyTerms of Service
LogoLogo
Book a demoLog inStart for free
On this page
  • Bearer security scheme
  • API key security scheme
  • Custom API key variable name
  • Basic security scheme
  • Custom basic auth variable names
  • OAuth2 security scheme
  • Multiple security schemes
AsyncAPI

Authentication

Model auth schemes such as bearer, basic, and api key for your event-driven APIs.

||View as Markdown|
Was this page helpful?
Edit this page
Previous

Overrides

Next

Servers

Configuring authentication schemes happens in the components.securitySchemes section of AsyncAPI.

asyncapi.yml
1components: 
2  securitySchemes: 
3    ...

To apply a security scheme across all operations, reference the securityScheme within the security section of your AsyncAPI Specification.

asyncapi.yml
1components: 
2  securitySchemes: 
3    AuthScheme:
4      ...
5security: 
6  - AuthScheme: []

Bearer security scheme

Start by defining a bearer security scheme in your asyncapi.yml:

asyncapi.yml
1components:
2  securitySchemes:
3    BearerAuth:
4      type: http
5      scheme: bearer

This will generate an SDK where the user would have to provide a mandatory argument called token.

index.ts
1const client = new Client({
2  token: "ey34..."
3})

If you want to control variable naming and the environment variable to scan, use the configuration below:

asyncapi.yml
1components:
2  securitySchemes:
3    BearerAuth:
4      type: http
5      scheme: bearer
6      x-fern-token:
7        name: authToken
8        env: AUTH_TOKEN

API key security scheme

Start by defining an apiKey security scheme in your asyncapi.yml:

asyncapi.yml
1components:
2  securitySchemes:
3    ApiKeyAuth:
4      type: apiKey
5      in: header
6      name: X-API-Key

This will generate an SDK where the user would have to provide a mandatory argument called apiKey.

index.ts
1const client = new Client({
2  apiKey: "my-api-key"
3})

Custom API key variable name

If you want to control variable naming and the environment variable to scan, use the configuration below:

asyncapi.yml
1components:
2  securitySchemes:
3    ApiKeyAuth:
4      type: apiKey
5      x-fern-api-key:
6        name: customApiKey
7        env: CUSTOM_API_KEY
8      in: header
9      name: X-API-Key

Basic security scheme

Start by defining a basic security scheme in your asyncapi.yml:

asyncapi.yml
1components:
2  securitySchemes:
3    BasicAuth:
4      type: http
5      scheme: basic

This will generate an SDK where the user would have to provide a username and password.

index.ts
1const client = new Client({
2  username: "john@example.com",
3  password: "password123"
4})

Custom basic auth variable names

If you want to control variable naming and the environment variables to scan, use the configuration below:

asyncapi.yml
1components:
2  securitySchemes:
3    BasicAuth:
4      type: http
5      scheme: basic
6      x-fern-username:
7        name: email
8        env: EMAIL
9      x-fern-password:
10        name: pass
11        env: PASSWORD

OAuth2 security scheme

Team and Enterprise feature

This feature is available only for the Team and Enterprise plans. To get started, reach out to support@buildwithfern.com.

OAuth2 authentication is supported for AsyncAPI specifications:

asyncapi.yml
1components:
2  securitySchemes:
3    OAuth2:
4      type: oauth2
5      flows:
6        authorizationCode:
7          authorizationUrl: https://example.com/oauth/authorize
8          tokenUrl: https://example.com/oauth/token
9          scopes:
10            read: Read access to resources
11            write: Write access to resources

This will generate an SDK that supports OAuth2 flow for event-driven operations.

Multiple security schemes

You can specify multiple security schemes and apply them to different operations:

asyncapi.yml
1components:
2  securitySchemes:
3    ApiKeyAuth:
4      type: apiKey
5      in: header
6      name: X-API-Key
7    BearerAuth:
8      type: http
9      scheme: bearer
10    OAuth2:
11      type: oauth2
12      flows: ...
13
14operations:
15  sendMessage:
16    security:
17      - ApiKeyAuth: []
18      - BearerAuth: []

This allows different operations to use different authentication methods as needed.