We have released a fix for HTTP Bearer authentication type in our OpenAPI import/transformation which was previously treating JWT as the default bearer authentication type. However, this will no longer be the case unless the
bearerFormat in OpenAPI explicitly declares the format to be
OpenAPI v3.0 specification files using the
bearer security scheme were all imported in APIMatic with the
JWT bearer authentication type regardless of the
bearerFormat. However, we are now changing the behaviour to be such that a HTTP Bearer authentication would be considered of
JWT type only if its
bearerFormat is set to
otherwise it would be treated as a normal
HTTP Bearer authentication.
This is a breaking change as re-importing or re-transforming your OpenAPI files will change the bearer authentication type unless your file explicitly states the
How Can I Avoid This Change?
If you want to retain
JWT as the bearer token type upon import/tranformation, you need to explicitly set
JWT in your OpenAPI file security scheme configuration as shown below: