Details
-
Improvement
-
Status: Open
-
Minor
-
Resolution: Unresolved
-
None
-
None
-
None
Description
If I set Username/Password and hide them by selecting Api Key Authorization Scheme, the client will still use those credentials. If I set Api Key, the client will add both credentials as a request header.
I wonder if it is a global problem. Wouldn't it make sense to automatically remove values from properties that become invisible?