Inside your SwaggerConfig.cs file, un-comment the following pieces of code to satisfy your security needs.

                    // You can use "BasicAuth", "ApiKey" or "OAuth2" options to describe security schemes for the 
                    // See https://github.com/swagger-api/swagger-spec/blob/master/versions/2.0.md for more details.
                    // NOTE: These only define the schemes and need to be coupled with a corresponding "security" property
                    // at the document or operation level to indicate which schemes are required for an operation. To do this,
                    // you'll need to implement a custom IDocumentFilter and/or IOperationFilter to set these properties
                    // according to your specific authorization implementation
                    //
                    c.BasicAuth("basic")
                        .Description("Basic HTTP Authentication");
                    //
                    // NOTE: You must also configure 'EnableApiKeySupport' below in the SwaggerUI section
                    //c.ApiKey("apiKey")
                    //    .Description("API Key Authentication")
                    //    .Name("apiKey")
                    //    .In("header");
                    //
                    //c.OAuth2("oauth2")
                    //    .Description("OAuth2 Implicit Grant")
                    //    .Flow("implicit")
                    //    .AuthorizationUrl("http://petstore.swagger.wordnik.com/api/oauth/dialog")
                    //    //.TokenUrl("https://tempuri.org/token")
                    //    .Scopes(scopes =>
                    //    {
                    //        scopes.Add("read", "Read access to protected resources");
                    //        scopes.Add("write", "Write access to protected resources");
                    //    });

This solution will only work if you have implemented authentication in your solution.

1. Create new folder swagger in solution
2. Add new Web.config file.

3. write following code in it:

   <configuration> 
       <system.web> 
           <authorization> 
               <deny users="?" /> 
           </authorization> 
       </system.web> 
       <system.webServer> 
           <modules runAllManagedModulesForAllRequests="true" /> 
       </system.webServer> 
   </configuration>
   

I figured out the way to do this. Use the latest swashbuckle version and add the below div tag in the injected index.html

<div id='auth_container'>

This will show an Authorize button in the swagger UI which can be used for authentication and once Authenticated, for all the requests to the API, the JWT token will be passed from the swagger UI

Also, follow the below link to protect all the calls for the swagger docs - https://github.com/domaindrivendev/Swashbuckle/issues/601

I don't think there's a way to secure the swagger swashbuckle endpoint up until now. You can have tips and more into this from their github issue here