Security object added to all endpoints, OpenAPI spec

jamie_10253 · November 25, 2025, 10:51am

Hi there! Trying to figure out if i’ve done something wrong here.
Each of our endpoints shows correctly in the UI as having Authorization (bearer token) required on the request. There is a security schema that is applied to the root endpoint, and all our sub folders and endpoints inherit from parent.

But our exported OpenAPI spec has "security":[] on every endpoint.

It is also missing the "security":[{"bearerAuth":[]}] at the root, but this is easily added in via the “OAS overlay customizations” feature. but with the empty security object set on each endpoint, it effectively cancels that out.

Thanks!

Apidog Support · November 25, 2025, 11:12am

The exported file should be correct when using the “Export” button. We’ve identified the issue with the “Open URL” export and will fix it promptly. Thanks for reporting!

jamie_10253 · November 25, 2025, 11:14am

Ahhhh ok, i was just using the URL for testing! thats no problem, its the sync to Git that’s the important piece for us. thank you for such a quick reply!