@scap ah - yes. Good catch! We can open that up so you can use it by providing a custom filter. The only thing is that in OpenApi it uses the Param to build the JSON, so we’ll have to be a bit smart about it. If you proceed on that assumption for now then I’ll make the change and release a new version ASAP. can you reimplement Security locally to override the sealed with open for the time being (I’ve never actually tried this so don’t know if it works)? 😊