NestJS Logo

Security

To define which security mechanisms should be used for a specific operation, use the @ApiSecurity() decorator.


@ApiSecurity('basic')
@Controller('cats')
export class CatsController {}

Before you run your application, remember to add the security definition to your base document using DocumentBuilder:


const options = new DocumentBuilder().addSecurity('basic', {
  type: 'http',
  scheme: 'basic',
});

Some of the most popular authentication techniques are built-in (e.g., basic and bearer) and therefore you don't have to define security mechanisms manually as shown above.

Basic authentication

To enable basic authentication, use @ApiBasicAuth().


@ApiBasicAuth()
@Controller('cats')
export class CatsController {}

Before you run your application, remember to add the security definition to your base document using DocumentBuilder:


const options = new DocumentBuilder().addBasicAuth();

Bearer authentication

To enable bearer authentication, use @ApiBearerAuth().


@ApiBearerAuth()
@Controller('cats')
export class CatsController {}

Before you run your application, remember to add the security definition to your base document using DocumentBuilder:


const options = new DocumentBuilder().addBearerAuth();

OAuth2 authentication

To enable OAuth2, use @ApiOAuth2().


@ApiOAuth2(['pets:write'])
@Controller('cats')
export class CatsController {}

Before you run your application, remember to add the security definition to your base document using DocumentBuilder:


const options = new DocumentBuilder().addOAuth2();

To enable cookie authentication, use @ApiCookieAuth().


@ApiCookieAuth()
@Controller('cats')
export class CatsController {}

Before you run your application, remember to add the security definition to your base document using DocumentBuilder:


const options = new DocumentBuilder().addCookieAuth('optional-session-id');

Support us

Nest is an MIT-licensed open source project. It can grow thanks to the support by these awesome people. If you'd like to join them, please read more here.

Principal Sponsors

Sanofi LogoTrilon Logo

Sponsors / Partners

Become a sponsor