AWS4-HMAC-SHA256:
  type: apiKey
  description: |
    AWS Signature Version 4 authentication for S3 API endpoints.
    
    ## Authentication Process
    1. Create a canonical request
    2. Create a string to sign
    3. Calculate the signature using HMAC-SHA256
    4. Add the authorization header or query parameters
    
    ## Authorization Header Format
    ```
    Authorization: AWS4-HMAC-SHA256 Credential=<AccessKey>/<Date>/<Region>/s3/aws4_request,SignedHeaders=<SignedHeaders>,Signature=<Signature>
    ```
    
    ## Query String Format (for presigned URLs)
    ```
    ?X-Amz-Algorithm=AWS4-HMAC-SHA256
    &X-Amz-Credential=<AccessKey>/<Date>/<Region>/s3/aws4_request
    &X-Amz-Date=<Timestamp>
    &X-Amz-Expires=<ExpirationTime>
    &X-Amz-SignedHeaders=<SignedHeaders>
    &X-Amz-Signature=<Signature>
    ```
    
    ## Required Headers
    - `Authorization`: The calculated authorization value
    - `x-amz-date`: Timestamp in ISO 8601 format (YYYYMMDDTHHMMSSZ)
    - `x-amz-content-sha256`: SHA256 hash of the request payload
    
    ## Example
    ```
    Authorization: AWS4-HMAC-SHA256 Credential=AKIAIOSFODNN7EXAMPLE/20230115/us-east-1/s3/aws4_request,SignedHeaders=host;x-amz-date,Signature=fe5f80f77d5fa3beca038a248ff027d0445342fe2855ddc963176630326f1024
    x-amz-date: 20230115T103000Z
    x-amz-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
    ```
  name: Authorization
  in: header

ApiKey:
  type: apiKey
  description: |
    API key authentication for management console endpoints.
    
    ## Usage
    Include your API key in the `X-API-Key` header for all management API requests.
    
    ## Example
    ```
    X-API-Key: your-api-key-here
    ```
    
    ## Obtaining an API Key
    API keys can be generated through the management console or by contacting your administrator.
    
    ## Permissions
    API keys have full access to the management API and should be kept secure.
  name: X-API-Key
  in: header

BearerAuth:
  type: http
  scheme: bearer
  bearerFormat: JWT
  description: |
    JWT Bearer token authentication (optional alternative for management API).
    
    ## Usage
    Include the JWT token in the Authorization header:
    ```
    Authorization: Bearer <jwt-token>
    ```
    
    ## Token Structure
    The JWT token contains claims about the user's permissions and expires after a set period.
    
    ## Example
    ```
    Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
    ```

BasicAuth:
  type: http
  scheme: basic
  description: |
    HTTP Basic authentication (for simple setups).
    
    ## Usage
    Encode username:password in Base64 and include in Authorization header:
    ```
    Authorization: Basic <base64-encoded-credentials>
    ```
    
    ## Example
    ```
    Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=
    ```
    
    ## Note
    Basic auth should only be used over HTTPS in production environments.