"type": "oauth2",
                        "flows": {
                            "authorizationCode": {
                                "scopes": {
                                    "read": "Read access",
                                    "write": "Write access",
                                },
                                "authorizationUrl": "api/oauth/authorize",

    - Security:
      - tutorial/security/index.md
      - tutorial/security/first-steps.md
      - tutorial/security/get-current-user.md
      - tutorial/security/simple-oauth2.md
      - tutorial/security/oauth2-jwt.md
    - tutorial/middleware.md
    - tutorial/cors.md
    - tutorial/sql-databases.md
    - tutorial/bigger-applications.md
    - tutorial/background-tasks.md
    - tutorial/metadata.md

    /** OAuth2 state parameter name. */
    protected static final String STATE = "state";

    /** OAuth2 error parameter name. */
    protected static final String ERROR = "error";

    /** OAuth2 error description parameter name. */
    protected static final String ERROR_DESCRIPTION = "error_description";

    /** OAuth2 error URI parameter name. */

```

::: fastapi.Depends

## `Security()`

For many scenarios, you can handle security (authorization, authentication, etc.) with dependencies, using `Depends()`.

But when you want to also declare OAuth2 scopes, you can use `Security()` instead of `Depends()`.

You can import `Security()` directly from `fastapi`:

```python
from fastapi import Security
```

                }
            }
        },
        "components": {
            "securitySchemes": {
                "OAuth2AuthorizationCodeBearer": {
                    "type": "oauth2",
                    "flows": {
                        "authorizationCode": {
                            "authorizationUrl": "authorize",
                            "tokenUrl": "token",

Підтримуються всі схеми безпеки OpenAPI, включаючи:

* HTTP Basic.
* **OAuth2** (також із підтримкою **JWT-токенів**). Див. підручник: [OAuth2 із JWT](tutorial/security/oauth2-jwt.md){.internal-link target=_blank}.
* Ключі API в:
    * Заголовках.
    * Параметрах запиту.
    * Cookies тощо.

                }
            }
        },
        "components": {
            "securitySchemes": {
                "OAuth2PasswordBearer": {
                    "type": "oauth2",
                    "flows": {"password": {"scopes": {}, "tokenUrl": "/token"}},
                    "description": "OAuth2PasswordBearer security scheme",
                }
            }
        },

Все схемы безопасности, определённые в OpenAPI, включая:

* HTTP Basic.
* **OAuth2** (также с **токенами JWT**). Ознакомьтесь с руководством [OAuth2 с JWT](tutorial/security/oauth2-jwt.md){.internal-link target=_blank}.
* Ключи API в:
    * Заголовках.
    * Параметрах запросов.
    * Cookies и т.п.

Tous les protocoles de sécurités sont définis dans OpenAPI, incluant:

* HTTP Basic.
* **OAuth2** (aussi avec **JWT tokens**). Jetez un oeil au tutoriel [OAuth2 avec JWT](tutorial/security/oauth2-jwt.md){.internal-link target=_blank}.
* Clés d'API dans:
    * Le header.
    * Les paramètres de requêtes.
    * Les cookies, etc.

    assert "/static/swagger-ui-bundle.js" in response.text
    assert "/static/swagger-ui.css" in response.text


def test_swagger_ui_oauth2_redirect_html(client: TestClient):
    response = client.get("/docs/oauth2-redirect")
    assert response.status_code == 200, response.text
    assert "window.opener.swaggerUIRedirectOauth2" in response.text


def test_redoc_html(client: TestClient):
    response = client.get("/redoc")