Mutual TLS Security Scheme in OpenAPI
Mutual TLS (mTLS) is a security protocol that protects API communication by requiring both the client and the server to authenticate each other using digital certificates. This two-way authentication ensures that only trusted parties can establish a connection, providing an additional layer of security.
OpenAPI lets you define a Mutual TLS security scheme using the mutualTLS type.
Defining a Mutual TLS Security Scheme
To define a Mutual TLS security scheme in OpenAPI, you can use the following structure:
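A minimal OpenAPI 3.1 document that declares and applies a mutualTLS scheme, given here as an added example rather than the page's own snippet. The scheme name mtlsAuth, the API title, the paths and the contact address are constructed placeholders.

```yaml
# Added example: names, paths and the contact address are constructed placeholders.
openapi: 3.1.0                     # mutualTLS is a scheme type from OpenAPI 3.1 onward
info:
  title: Example Partner API
  version: 1.0.0
components:
  securitySchemes:
    mtlsAuth:                      # arbitrary label, referenced under "security" below
      type: mutualTLS              # no further fields are required for this type
      description: >-
        Clients must present an X.509 client certificate issued by the
        partner CA. Request one from api-certs@example.com.
security:
  - mtlsAuth: []                   # default requirement for every operation
paths:
  /payments:
    get:
      summary: List payments       # inherits the global mtlsAuth requirement
      responses:
        "200":
          description: OK
  /health:
    get:
      summary: Liveness probe
      security: []                 # empty list opts this operation out of mtlsAuth
      responses:
        "200":
          description: OK
```

The declaration only documents the requirement; client-certificate verification itself is configured on whatever terminates TLS for the API (the server or a gateway in front of it).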
There are no additional fields required for the mutualTLS type; it is purely there to indicate that the API requires mutual TLS authentication. The description field can be used to provide additional information about who to talk to for a certificate, or what the process is for obtaining a certificate.
Learn more about Mutual TLS in the OpenAPI Specification