Failed to update API in Azure

Göran Mannberg 26 Reputation points

Im trying to publish my .net3.1 webapp on Azure from Visual Studio.

Visual studio fails on 'Starting to update your API' step, this is the output from visual studio:

Build started...
1>------ Build started: Project: WebApplication_XXX, Configuration: Release Any CPU ------
1>WebApplication_XXX -> C:\Users\YYYY\source\repos\WebApplication_XXX\WebApplication_XXX\bin\Release\netcoreapp3.1\WebApplication_XXX.dll
1>Done building project "WebApplication_XXX.csproj".
2>------ Publish started: Project: WebApplication_XXX, Configuration: Release Any CPU ------
WebApplication_XXX -> C:\Users\YYYY\source\repos\WebApplication_XXX\WebApplication_XXX\bin\Release\netcoreapp3.1\WebApplication_XXX.dll
npm install
npm run build -- --prod
> webapplication_xxx@0.0.0 build C:\Users\YYYY\source\repos\WebApplication_XXX\WebApplication_XXX\ClientApp

> ng build "--prod"

Generating ES5 bundles for differential loading...
ES5 bundle generation complete.
Publish Succeeded.
Web App was published successfully
========== Build: 1 succeeded, 0 failed, 0 up-to-date, 0 skipped ==========
========== Publish: 1 succeeded, 0 failed, 0 skipped ==========
Starting to update your API
Generating swagger file to 'C:\Users\YYYY\source\repos\WebApplication_XXX\WebApplication_XXX\bin\Release\netcoreapp3.1\swagger.json'.
Failed to update your API in Azure.

I then check Azure portal and find some error in 'Create API or Update API' json

"properties": {
    "statusCode": "BadRequest",
    "serviceRequestId": "*****",
    "statusMessage": "{\"error\":{\"code\":\"ValidationError\",\"message\":\"One or more fields contain incorrect values:\",\"details\":[{\"code\":\"ValidationError\",\"target\":\"representation\",\"message\":\"Parsing error(s): JSON is valid against no schemas from 'oneOf'. Path 'securityDefinitions.Bearer', line 2841, position 15.\"},{\"code\":\"ValidationError\",\"target\":\"representation\",\"message\":\"Parsing error(s): The input OpenAPI file is not valid for the OpenAPI specificate (schema\"}]}}",
    "eventCategory": "Administrative",
    "entity": "/subscriptions/*****/resourceGroups/XXX/providers/Microsoft.ApiManagement/service/WebApplicationXXXapi/apis/WebApplicationXXX",
    "message": "Microsoft.ApiManagement/service/apis/write",
    "hierarchy": "*****"

So I open the generated swagger.json file from 'C:\Users\YYYY\source\repos\WebApplication_XXX\WebApplication_XXX\bin\Release\netcoreapp3.1\swagger.json' in swagger editor and get the same error:

Structural error at securityDefinitions.Bearer
should have required property 'type'
missingProperty: type

because the Security Definitions Bearer is empty in the json file

Bearer: {

if I make the following change in in the swagger editor it gets happy:

  Bearer: {
    type: apiKey,
    name: "JWT Authentication",
    in: "header"

In my application Startup.cs I got:

services.AddSwaggerGen(c =>
    c.SwaggerDoc("v1", new OpenApiInfo { Title = "XXX API", Version = "v1" });
    var securityScheme = new OpenApiSecurityScheme
        Name = "JWT Authentication",
        Description = "Enter JWT Bearer token **_only_**",
        In = ParameterLocation.Header,
        Type = SecuritySchemeType.Http,
        Scheme = "bearer", // must be lower case
        BearerFormat = "JWT",
        Reference = new OpenApiReference
            Id = JwtBearerDefaults.AuthenticationScheme,
            Type = ReferenceType.SecurityScheme
    c.AddSecurityDefinition(securityScheme.Reference.Id, securityScheme);
    c.AddSecurityRequirement(new OpenApiSecurityRequirement
        {securityScheme, new string[] { }}

what is it Im missing? Shouldnt the code in Startup.cs add the securityDefinition when generating the swagger.json file? My SwaggerUI works fine when debugging but the dotnet generated swagger.json file is not valid when publishing.

Azure API Management
Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
1,852 questions
An object-oriented and type-safe programming language that has its roots in the C family of languages and includes support for component-oriented programming.
10,484 questions
{count} votes

3 answers

Sort by: Most helpful
  1. Vladimir Lashko (DevExpress) 16 Reputation points

    Hi @Ryan Hill ,

    Thank you for sharing your project. I have investigated it and found that I forgot to move UseSwaggerUI out of if(env.IsDevelopment()) in my Startup.cs - this is the cause of the issue in my case. There are still confusing error during publish if you confugure Azure API Management. It can be reproduced on your project too:


    1 person found this answer helpful.

  2. Jacob Jarick 1 Reputation point

    same issue here with dotnet5.0

    locally the swagger.json file includes the auth information and passes swagger editors checks.

    example of auth information included:

          type: http
          description: enter JWT bearer token
          scheme: Bearer
      - Bearer: []

    when publishing the auth information is left out of the swagger.json resulting in publishing failing and swagger editor showing the following error:

    Structural error at securityDefinitions.Bearer
    should have required property 'type'
    missingProperty: type
    Jump to line 450

    and the security info is missing, see below:

      Bearer: {}
      - Bearer: []

    I do have a clunky work around, manually uploading the swagger.json from the local build to azure.

    • Save your swagger.json from the localhost.
    • log into azure ensure you are in your correct directory.
    • Search and select API Management Services
    • Select Your API
    • Click APIs
    • Select the 3 dots next to your API name, click add revision
    • name revision something ie manual
    • Select the 3 dots next to your API name, click import
    • Select OpenAPI
    • Select swagger.json file previously saved and upload.

    Not elegant but it works.

    I would still like to know why visual studio fails to do this automatically and how to resolve.

  3. Ryan Hill 26,771 Reputation points Microsoft Employee

    @Jacob Jarick @Balakrishna, Ajay did some asking and found out the Swashbuckle isn't generating the right output that complies with OAS 2.0 spec. You can get around that by switching to OAS 3.0 but you can't use 3.1 as that spec validation is not yet supported on APIM; no ETA on that. Another option is using NSwag to generate your swagger.