Hello 👋

We're transitioning from a Connexion 2 codebase to a FastAPI one, and this repo has helped us implement a middleware which enables request / response validation to continue against the spec so that we can continue to improve our API and know when things don't match our communicated contracts, for both requests and responses.

I recently picked up a file with no security entries. ReDocly rightly complained about this and the lack of servers nominated.

When I add them, we get errors from the middleware

{"errors":[        {"title":{"errors": [                    {"title":"Security not found. Schemes not valid for any requirement: [["token_auth"]]","status":403,"type":"<class"openapi_core.templating.security.exceptions.SecurityNotFound">"                    }                ]            },"status":400,"type":"<class 'openapi_core.validation.schemas.exceptions.InvalidSchemaValue'>"        }    ]}

I've tidied this up a bit, but it seems to me like I'd like to improve both our security and the OpenAPI separately.

We are nigh-on exactly the same ashttps://swagger.io/docs/specification/v3_0/authentication/bearer-authentication/#describing-bearer-authentication

Someone tried to be clever and implement via typeapiKey; because we technically dont' use the Authorization header (too late to change now the API has existed with this "quirk" for a while.

Anyway, in the same way response checking is disabled, is it possible to disable the security and server checks?