Skip to content

feat(auth): add response interceptor to prompt authorization on 401 s… #10441

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 1 commit into
base: master
Choose a base branch
from
Draft

feat(auth): add response interceptor to prompt authorization on 401 s… #10441

wants to merge 1 commit into from

Conversation

dmytro-arkhypenko
Copy link

🟢 Swagger UI: Auto-login Prompt on 401 Response

Description

This PR introduces a new configuration option: autoPromptAuthOn401, which, when enabled, will automatically trigger the "Authorize" modal whenever an API call returns a 401 Unauthorized response in the Swagger UI "Try it out" flow.

SwaggerUI({
  url: "/swagger.json",
  dom_id: "#swagger-ui",
  autoPromptAuthOn401: true
})

This provides a smoother user experience for secured APIs, especially in cases where session expiration is common or initial authorization is missing.

Motivation and Context

Many secured APIs require users to authenticate before accessing most endpoints. Currently, when a 401 is returned, the UI does not give feedback other than showing the raw error, which can confuse users. With this change:

  • Users are immediately prompted to log in.
  • This reduces friction, especially for new or unauthenticated users.

Fixes #10438

How Has This Been Tested?

  • Verified manual requests via "Try it out" to protected endpoints.
  • Confirmed that the modal is triggered only on 401 responses.
  • Ensured that the change does not affect normal UI behavior for public endpoints.
  • Tested fallback behavior when no authorize button is available.

Screenshots

(Not included in this PR)

Checklist

My PR contains...

  • No code changes
  • Dependency changes
  • Bug fixes
  • Improvements
  • Features

My changes...

  • are breaking changes to a public API
  • are breaking changes to a private API
  • are breaking changes to a developer API
  • are not breaking changes

Documentation

  • My changes do not require a change to the project documentation.
  • My changes require a change to the project documentation.
  • If yes to above: I have updated the documentation accordingly.

Automated tests

  • My changes can and should be tested by unit and/or integration tests.
  • If yes to above: I have added tests to cover my changes.
  • If yes to above: I have taken care to cover edge cases in my tests.
  • All new and existing tests passed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Show Swagger UI logon window when API requests came back as 401
1 participant
@dmytro-arkhypenko