Keycloak integration in Swagger

旧时难觅i 2020-12-23 19:40

I have a Keycloak protected backend that I would like to access via swagger-ui. Keycloak provides the oauth2 implicit and access code flow, but I was not able to make it wor

3 answers
  •  醉酒成梦
    2020-12-23 20:11

    Swagger-ui + Keycloak (or any other OAuth2 provider) using implicit flow, OpenAPI 3.0 template:

    components:
      ...
      securitySchemes:
        my_auth_whatever:
          type: oauth2
          flows:
            implicit:
              authorizationUrl: https://MY-KEYCLOAK-HOST/auth/realms/MY-REALM-ID/protocol/openid-connect/auth
              scopes: {}
      ...
    security:
      - my_auth_whatever: []
    

    Make sure the implicit flow is enabled in Keycloak settings for the client that you use.

    One downside is that the user is still asked for client_id in the modal when they click on the "Authorize" button in Swagger UI. The value that the user enters may be overwritten by adding the query param ?client_id=YOUR-CLIENT-ID to the authorizationUrl, but it's kind of a dirty hack and the modal is still shown to the user. When running swagger-ui in Docker, the OAUTH_CLIENT_ID env var may be provided to the container to set the default client_id value for the modal. For non-Docker deployments, refer to @wargre's approach of changing the index.html (not sure if there's a better way).

    For a SwaggerAPI (OpenAPI 2.0) example, refer to the first code snippet in @wargre's answer and this doc: https://swagger.io/docs/specification/2-0/authentication/
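
An added example, not part of the answer above or of Swagger UI or Keycloak: a small check to run over the OAuth2 section of an OpenAPI 3.0 document before handing it to Swagger UI. The helper name `lintOAuth2`, the sample document and the path pattern (derived from the authorizationUrl shape shown in the answer) are assumptions.

```javascript
// Constructed sample input mirroring the template in the answer.
const sampleSpec = {
  openapi: "3.0.0",
  components: {
    securitySchemes: {
      my_auth_whatever: {
        type: "oauth2",
        flows: {
          implicit: {
            authorizationUrl:
              "https://MY-KEYCLOAK-HOST/auth/realms/MY-REALM-ID/protocol/openid-connect/auth",
            scopes: {},
          },
        },
      },
    },
  },
  security: [{ my_auth_whatever: [] }],
};

// lintOAuth2 (hypothetical helper) returns a list of finding strings; empty means clean.
function lintOAuth2(spec) {
  const findings = [];
  const schemes = (spec.components && spec.components.securitySchemes) || {};
  // Every name used under `security` must be defined under securitySchemes.
  for (const req of spec.security || []) {
    for (const name of Object.keys(req)) {
      if (!(name in schemes)) findings.push(`security references undefined scheme "${name}"`);
    }
  }
  for (const [name, scheme] of Object.entries(schemes)) {
    if (scheme.type !== "oauth2") continue;
    const implicit = scheme.flows && scheme.flows.implicit;
    if (!implicit) continue;
    // OpenAPI 3.0 requires a scopes map on each flow, even an empty one.
    if (typeof implicit.scopes !== "object" || implicit.scopes === null)
      findings.push(`${name}: implicit flow is missing the required "scopes" map`);
    let url;
    try { url = new URL(implicit.authorizationUrl); }
    catch { findings.push(`${name}: authorizationUrl is missing or not absolute`); continue; }
    if (url.protocol !== "https:") findings.push(`${name}: authorizationUrl is not https`);
    // Assumed pattern: .../realms/<realm>/protocol/openid-connect/auth, as in the answer.
    if (!/\/realms\/[^/]+\/protocol\/openid-connect\/auth$/.test(url.pathname))
      findings.push(`${name}: path is not a Keycloak realm authorization endpoint`);
    // The "?client_id=" workaround pins one client for every user of the document.
    if (url.searchParams.has("client_id"))
      findings.push(`${name}: client_id is hard-coded in authorizationUrl`);
  }
  return findings;
}
```

Calling `lintOAuth2(sampleSpec)` returns an empty array for the template as written in the answer.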
