We created a basic version of our API in Swagger and would like to publish it to Apigee with OAuth authentication.

We understand that Apigee can do the OAuth part for us and that any requests that arrive at the API implementation doesn't even need to know that there was some authentication involved. That implies that the API has 2 "faces", the external interface which expects an OAuth token and an internal interface which is strictly business oriented.

Do I need to build 2 versions of the Swagger specification: the internal one we use to generate server stubs and the external one which adds the authentication API and the token parameters? Is there any feature in Apigee that can automate, or reduce maintenance, in generating the external interface?