chore: correctly document SCIM authentication (#15234)

2025-07-30 22:19:53 +00:00 · 2024-10-25 12:40:13 -05:00
parent 900e2cd39c
commit 27f5ff2dd1
5 changed files with 30 additions and 16 deletions
--- a/coderd/apidoc/docs.go
+++ b/coderd/apidoc/docs.go
@@ -3627,7 +3627,7 @@ const docTemplate = `{
            "get": {
                "security": [
                    {
-                        "CoderSessionToken": []
+                        "Authorization": []
                    }
                ],
                "produces": [
@@ -3647,7 +3647,7 @@ const docTemplate = `{
            "post": {
                "security": [
                    {
-                        "CoderSessionToken": []
+                        "Authorization": []
                    }
                ],
                "produces": [
@@ -3683,7 +3683,7 @@ const docTemplate = `{
            "get": {
                "security": [
                    {
-                        "CoderSessionToken": []
+                        "Authorization": []
                    }
                ],
                "produces": [
@@ -3713,7 +3713,7 @@ const docTemplate = `{
            "patch": {
                "security": [
                    {
-                        "CoderSessionToken": []
+                        "Authorization": []
                    }
                ],
                "produces": [
@@ -16289,6 +16289,11 @@ const docTemplate = `{
        }
    },
    "securityDefinitions": {
+        "Authorization": {
+            "type": "apiKey",
+            "name": "Authorizaiton",
+            "in": "header"
+        },
        "CoderSessionToken": {
            "type": "apiKey",
            "name": "Coder-Session-Token",
--- a/coderd/apidoc/swagger.json
+++ b/coderd/apidoc/swagger.json
@@ -3193,7 +3193,7 @@
 			"get": {
 				"security": [
 					{
-						"CoderSessionToken": []
+						"Authorization": []
 					}
 				],
 				"produces": ["application/scim+json"],
@@ -3209,7 +3209,7 @@
 			"post": {
 				"security": [
 					{
-						"CoderSessionToken": []
+						"Authorization": []
 					}
 				],
 				"produces": ["application/json"],
@@ -3241,7 +3241,7 @@
 			"get": {
 				"security": [
 					{
-						"CoderSessionToken": []
+						"Authorization": []
 					}
 				],
 				"produces": ["application/scim+json"],
@@ -3267,7 +3267,7 @@
 			"patch": {
 				"security": [
 					{
-						"CoderSessionToken": []
+						"Authorization": []
 					}
 				],
 				"produces": ["application/scim+json"],
@@ -14902,6 +14902,11 @@
 		}
 	},
 	"securityDefinitions": {
+		"Authorization": {
+			"type": "apiKey",
+			"name": "Authorizaiton",
+			"in": "header"
+		},
 		"CoderSessionToken": {
 			"type": "apiKey",
 			"name": "Coder-Session-Token",
--- a/coderd/coderd.go
+++ b/coderd/coderd.go
@@ -271,6 +271,10 @@ type Options struct {

 // @BasePath /api/v2

+// @securitydefinitions.apiKey Authorization
+// @in header
+// @name Authorizaiton
+
 // @securitydefinitions.apiKey CoderSessionToken
 // @in header
 // @name Coder-Session-Token
--- a/docs/reference/api/enterprise.md
+++ b/docs/reference/api/enterprise.md
@@ -2014,7 +2014,7 @@ To perform this operation, you must be authenticated. [Learn more](authenticatio
 ```shell
 # Example request using curl
 curl -X GET http://coder-server:8080/api/v2/scim/v2/Users \
-  -H 'Coder-Session-Token: API_KEY'
+  -H 'Authorizaiton: API_KEY'
 ```

 `GET /scim/v2/Users`
@@ -2036,7 +2036,7 @@ To perform this operation, you must be authenticated. [Learn more](authenticatio
 curl -X POST http://coder-server:8080/api/v2/scim/v2/Users \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
-  -H 'Coder-Session-Token: API_KEY'
+  -H 'Authorizaiton: API_KEY'
 ```

 `POST /scim/v2/Users`
@@ -2118,7 +2118,7 @@ To perform this operation, you must be authenticated. [Learn more](authenticatio
 ```shell
 # Example request using curl
 curl -X GET http://coder-server:8080/api/v2/scim/v2/Users/{id} \
-  -H 'Coder-Session-Token: API_KEY'
+  -H 'Authorizaiton: API_KEY'
 ```

 `GET /scim/v2/Users/{id}`
@@ -2146,7 +2146,7 @@ To perform this operation, you must be authenticated. [Learn more](authenticatio
 curl -X PATCH http://coder-server:8080/api/v2/scim/v2/Users/{id} \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/scim+json' \
-  -H 'Coder-Session-Token: API_KEY'
+  -H 'Authorizaiton: API_KEY'
 ```

 `PATCH /scim/v2/Users/{id}`
--- a/enterprise/coderd/scim.go
+++ b/enterprise/coderd/scim.go
@@ -40,7 +40,7 @@ func (api *API) scimVerifyAuthHeader(r *http.Request) bool {
 //
 // @Summary SCIM 2.0: Get users
 // @ID scim-get-users
-// @Security CoderSessionToken
+// @Security Authorization
 // @Produce application/scim+json
 // @Tags Enterprise
 // @Success 200
@@ -67,7 +67,7 @@ func (api *API) scimGetUsers(rw http.ResponseWriter, r *http.Request) {
 //
 // @Summary SCIM 2.0: Get user by ID
 // @ID scim-get-user-by-id
-// @Security CoderSessionToken
+// @Security Authorization
 // @Produce application/scim+json
 // @Tags Enterprise
 // @Param id path string true "User ID" format(uuid)
@@ -118,7 +118,7 @@ var SCIMAuditAdditionalFields = map[string]string{
 //
 // @Summary SCIM 2.0: Create new user
 // @ID scim-create-new-user
-// @Security CoderSessionToken
+// @Security Authorization
 // @Produce json
 // @Tags Enterprise
 // @Param request body coderd.SCIMUser true "New user"
@@ -254,7 +254,7 @@ func (api *API) scimPostUser(rw http.ResponseWriter, r *http.Request) {
 //
 // @Summary SCIM 2.0: Update user account
 // @ID scim-update-user-status
-// @Security CoderSessionToken
+// @Security Authorization
 // @Produce application/scim+json
 // @Tags Enterprise
 // @Param id path string true "User ID" format(uuid)