I want to add the oauth2 authentication to my web API so i have created a spec with securitydefinitions:

"securityDefinitions": {
    "OauthSecurity": {
        "type": "oauth2",
        "authorizationUrl": "http://localhost/oauth/dialog", 
        "flow": "implicit",
            "scopes": {
                "admin": "Admin scope",
                "user": "User scope",
                "media": "Media scope"
            }
    }
},
"security": [
    {
        "OauthSecurity": [
            "user"
        ]
    }
],

so it generated me some annotations on my API:

@io.swagger.annotations.Authorization(value = "OauthSecurity", scopes = {
        @io.swagger.annotations.AuthorizationScope(scope = "user", description = "User scope")
    })

So how do i continue now? I still can acces (curl without any headers or tokens or whatsover) my API without any trouble at all.

Sure i can create the auth endpdoint but i somehow miss the link between the generated API and oauth.

Been a while and according to this, by using OpenAPI 3.0 you can do:

components:
  securitySchemes:
    oAuthSample:    # <---- arbitrary name
      type: oauth2
      description: This API uses OAuth 2 with the implicit grant flow. [More info](https://api.example.com/docs/auth)
      flows:
        implicit:   # <---- OAuth flow(authorizationCode, implicit, password or clientCredentials)
          authorizationUrl: https://api.example.com/oauth2/authorize
          scopes:
            read_pets: read your pets
            write_pets: modify pets in your account

I currently am using Bearer Auth, which works pretty well.

Hope it helps!