Authentication

Model auth schemes such as bearer, basic, and api key for your event-driven APIs.

Configuring authentication schemes happens in the components.securitySchemes section of AsyncAPI.

asyncapi.yml
1components: 
2  securitySchemes: 
3    ...

To apply a security scheme across all operations, reference the securityScheme within the security section of your AsyncAPI Specification.

asyncapi.yml
1components: 
2  securitySchemes: 
3    AuthScheme:
4      ...
5security: 
6  - AuthScheme: []

Bearer security scheme

Start by defining a bearer security scheme in your asyncapi.yml:

asyncapi.yml
1components:
2  securitySchemes:
3    BearerAuth:
4      type: http
5      scheme: bearer

This will generate an SDK where the user would have to provide a mandatory argument called token.

index.ts
1const client = new Client({
2  token: "ey34..."
3})

If you want to control variable naming and the environment variable to scan, use the configuration below:

asyncapi.yml
1components:
2  securitySchemes:
3    BearerAuth:
4      type: http
5      scheme: bearer
6      x-fern-token:
7        name: authToken
8        env: AUTH_TOKEN

API Key security scheme

Start by defining an apiKey security scheme in your asyncapi.yml:

asyncapi.yml
1components:
2  securitySchemes:
3    ApiKeyAuth:
4      type: apiKey
5      in: header
6      name: X-API-Key

This will generate an SDK where the user would have to provide a mandatory argument called apiKey.

index.ts
1const client = new Client({
2  apiKey: "my-api-key"
3})

Custom API Key variable name

If you want to control variable naming and the environment variable to scan, use the configuration below:

asyncapi.yml
1components:
2  securitySchemes:
3    ApiKeyAuth:
4      type: apiKey
5      x-fern-api-key:
6        name: customApiKey
7        env: CUSTOM_API_KEY
8      in: header
9      name: X-API-Key

Basic security scheme

Start by defining a basic security scheme in your asyncapi.yml:

asyncapi.yml
1components:
2  securitySchemes:
3    BasicAuth:
4      type: http
5      scheme: basic

This will generate an SDK where the user would have to provide a username and password.

index.ts
1const client = new Client({
2  username: "john@example.com",
3  password: "password123"
4})

Custom Basic Auth variable names

If you want to control variable naming and the environment variables to scan, use the configuration below:

asyncapi.yml
1components:
2  securitySchemes:
3    BasicAuth:
4      type: http
5      scheme: basic
6      x-fern-username:
7        name: email
8        env: EMAIL
9      x-fern-password:
10        name: pass
11        env: PASSWORD

OAuth2 security scheme

OAuth2 authentication is supported for AsyncAPI specifications:

asyncapi.yml
1components:
2  securitySchemes:
3    OAuth2:
4      type: oauth2
5      flows:
6        authorizationCode:
7          authorizationUrl: https://example.com/oauth/authorize
8          tokenUrl: https://example.com/oauth/token
9          scopes:
10            read: Read access to resources
11            write: Write access to resources

This will generate an SDK that supports OAuth2 flow for event-driven operations.

Multiple security schemes

You can specify multiple security schemes and apply them to different operations:

asyncapi.yml
1components:
2  securitySchemes:
3    ApiKeyAuth:
4      type: apiKey
5      in: header
6      name: X-API-Key
7    BearerAuth:
8      type: http
9      scheme: bearer
10    OAuth2:
11      type: oauth2
12      flows: ...
13
14operations:
15  sendMessage:
16    security:
17      - ApiKeyAuth: []
18      - BearerAuth: []

This allows different operations to use different authentication methods as needed.