From 3c232ca615c91a2ca422201e7e8dbb0cb86e9875 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Pacheco?= Date: Mon, 24 Feb 2025 18:17:42 -0500 Subject: [PATCH] auto_error=False --- docs/en/docs/advanced/security/api-key.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/docs/en/docs/advanced/security/api-key.md b/docs/en/docs/advanced/security/api-key.md index 23b41636b..bb3ba8e0a 100644 --- a/docs/en/docs/advanced/security/api-key.md +++ b/docs/en/docs/advanced/security/api-key.md @@ -67,3 +67,10 @@ The client will then need to pass in the key as part of the query param: ```http GET /secure-data?x-api-key=mysecretapikey HTTP/1.1 ``` + +## Multiple Auth Schemes + +By default, these API key schemes set `auto_error=True`. This means that if no +value is found in the expected location (header, cookie, or query param), the +application will raise an exception (currently 403). If you'd like to have +multiple auth schemes, then you can set `auto_error=False` on `APIKeyHeader`, etc.