You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: versions/3.0.4.md
+4-3Lines changed: 4 additions & 3 deletions
Original file line number
Diff line number
Diff line change
@@ -2744,13 +2744,12 @@ The OpenAPI Specification allows combining and extending model definitions using
2744
2744
`allOf`takes an array of object definitions that are validated *independently* but together compose a single object.
2745
2745
2746
2746
While composition offers model extensibility, it does not imply a hierarchy between the models.
2747
-
To support polymorphism, the OpenAPI Specification adds the `discriminator` field.
2747
+
To support polymorphism, the OpenAPI Specification adds the [`discriminator`](#schemaDiscriminator) field.
2748
2748
When used, the `discriminator` indicates the name of the property that hints which schema definition is expected to validate the structure of the model.
2749
2749
As such, the `discriminator` field MUST be a required field.
2750
2750
There are two ways to define the value of a discriminator for an inheriting instance.
2751
2751
- Use the schema name.
2752
-
- Override the schema name by overriding the property with a new value. If a new value exists, this takes precedence over the schema name.
2753
-
As such, inline schema definitions, which do not have a given id, *cannot* be used in polymorphism.
2752
+
- [Override the schema name](#discriminatorMapping) by overriding the property with a new value. If a new value exists, this takes precedence over the schema name.
Defines a security scheme that can be used by the operations.
3608
+
3609
3609
Supported schemes are HTTP authentication, an API key (either as a header, a cookie parameter or as a query parameter), OAuth2's common flows (implicit, password, client credentials and authorization code) as defined in [RFC6749](https://tools.ietf.org/html/rfc6749), and [OpenID Connect Core](https://openid.net/specs/openid-connect-core-1_0.html).
3610
+
Please note that as of 2020, the implicit flow is about to be deprecated by [OAuth 2.0 Security Best Current Practice](https://tools.ietf.org/html/draft-ietf-oauth-security-topics). Recommended for most use case is Authorization Code Grant flow with PKCE.
0 commit comments