Swagger UI Not adding Header to Requests -

i using swagger 2.0 , swagger ui 3.0.3.

in api_definition.yaml have following before paths:

swagger: '2.0'  ################################################################################ #                  host, base path, schemes , content types                  # ################################################################################ # metadata info:   version: v1   title: microservice   description: microservice api!   host: sandbox  basepath: '/apps/fiji/v1' schemes:   - http  securitydefinitions:   apikey:     type: apikey     name: x-access-token     in: header  security:   - apikey: []  produces:   - application/json consumes:   - application/json 

this adds authorize button the swagger ui user can paste in api key. api key sent in request header of every request. not happen though , i'm not sure why. missing something?

edit:

the request seems send , 401 unauthorized.

chrome dev tools shows following request headers:

get /apps/fiji/v1/getcpicountries http/1.1 host: sandbox connection: keep-alive accept: application/json user-agent: mozilla/5.0 (windows nt 6.1; wow64) applewebkit/537.36 (khtml, gecko) chrome/57.0.2987.133 safari/537.36 content-type: application/json referer: http://sandbox/apps/fiji/vendor/swagger-ui/dist/index.html?url=http://sandbox/apps/fiji/swagger/api_definition.yaml accept-encoding: gzip, deflate, sdch accept-language: en-us,en;q=0.8 

i have paths set as:

# api paths paths:   # getcpicountries endpoint   /getcpicountries:     # http operations     get:       # describe verb here. note: can use markdown       description: |         returns list of countries , country codes       produces:       - application/json       security:         - auth:           - role_admin       # expected responses operation:       responses:         # response code         200:           description: successful response           # schema describing response object.           # use json schema format           schema:             properties:               data:                 type: array                 items:                   $ref: '#/definitions/cpiresponse' 

and definitions follows:

definitions:   cpiresponse:     type: object   userobject:     type: object     properties:       email:         type: string       id:         type: number       orgid:         type: number       firstname:         type: string       lastname:         type: string 

the problem override security in paths. need remove following:

security:     - auth:     - role_admin