Our API needs user information. To test it from Swagger-UI we needed to be able to execute an Implicit Grant flow, and then use the authorize token from that flow in proceeding calls in the authorization header.
Given the currently somewhat crippled capability of Swagger-UI, and the need to still get things done, I settled on a pragmatic but not all that clever solution.
I decided to override the version of Swagger-UI that comes packaged with Swashbuckle, and in doing so add in a little code to accomplish what I wanted. In the image below you can see an additional button in the UI, Get Auth Token. This button hits the API endpoint which redirects to Auth0. The user logs in, and is redirected back to the Swagger-UI endpoint. The token is in the URL, and is extracted and shown in a prompt for the user to copy to the clipboard. The user must then hit the authorize button and paste the code from the clipboard into the dialog at which point they are logged in.
While this may sound terrible, it's a good deal easier than logging into another application and pulling an access token out using Fiddler...
The secret to this working is that Swashbuckle allows you to specify a new index file.Download the Swagger-UI source from github and keep the following files. Set the index files build action to embedded resource in Visual Studio.
Replace the body of the code in index with the code body of the index file from the gist above. If your using Swashbuckle over-ride the default index with your modified file by setting the IndexStream in the config.
c.IndexStream = () => GetType().GetTypeInfo().Assembly.GetManifestResourceStream("Project.API.Swagger.index.html");
If you find yourself using Swagger and Auth0, you might find yourself doing something similar. :)