From 8bb7a5ff1aa73c914c13ebbcbe09e9f839a886c7 Mon Sep 17 00:00:00 2001 From: Hunter Mellema <124718352+hpmellema@users.noreply.github.com> Date: Tue, 20 Jun 2023 11:26:38 -0600 Subject: [PATCH] Add guide on disabling authentication (#1791) * Add guide on disabling authentication * Update based on PR comments * move into the authTraits spec * move content into an example on auth trait * remove unrendered emphasis --- docs/source-2.0/spec/authentication-traits.rst | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/docs/source-2.0/spec/authentication-traits.rst b/docs/source-2.0/spec/authentication-traits.rst index 44cfa979d60..d1d0b3e1605 100644 --- a/docs/source-2.0/spec/authentication-traits.rst +++ b/docs/source-2.0/spec/authentication-traits.rst @@ -298,6 +298,15 @@ to services and operations: * ``OperationD`` is annotated with the ``auth`` trait and defines an explicit list of authentication schemes. + * ``OperationE`` has authentication disabled by setting the ``auth`` trait + value on the operation to an empty list, ``[]``. + +.. note:: + Disabling authentication for an operation is distinct from applying the + :ref:`@optionalAuth ` trait to an operation. An + operation with the ``@optionalAuth`` trait must be callable both with and + without authentication. + .. code-block:: smithy @httpBasicAuth @@ -331,6 +340,7 @@ to services and operations: operations: [ OperationC OperationD + OperationE ] } @@ -345,6 +355,11 @@ to services and operations: @auth([httpBearerAuth]) operation OperationD {} + // This operation has the @auth trait and is bound to a service with the + // @auth trait. This operation does not support any authentication schemes. + @auth([]) + operation OperationE {} + The following ``auth`` trait is invalid because it references an authentication scheme trait that is not applied to the service: