You have an @SecurityRequirement annotation that attempts to enforce the security level of the insert method.

https://github.com/swagger-api/swagger-core/wiki/Swagger-2.X---Annotations#securityrequirement https://docs.swagger.io/swagger-core/v2.0.0-RC3/apidocs/io/swagger/v3/oas/annotations/security/SecurityRequirement.html