README updated about security

README.rst

@@ -78,6 +78,9 @@ and unmarshal request data from validation result
    # get body
    validated_body = result.body
 
+   # get security data
+   validated_security = result.security
+
 Request object should be instance of OpenAPIRequest class (See `Integrations`_).
 
 Response
@@ -110,6 +113,45 @@ and unmarshal response data from validation result
 
 Response object should be instance of OpenAPIResponse class (See `Integrations`_).
 
+Security
+********
+
+openapi-core supports security for authentication and authorization process. Security data for security schemas are accessible from `security` attribute of `RequestValidationResult` object.
+
+For given security specification:
+
+.. code-block:: yaml
+
+   security:
+     - BasicAuth: []
+     - ApiKeyAuth: []
+   components:
+     securitySchemes:
+       BasicAuth:
+         type: http
+         scheme: basic
+       ApiKeyAuth:
+         type: apiKey
+         in: header
+         name: X-API-Key
+
+you can access your security data the following:
+
+.. code-block:: python
+
+   result = validator.validate(request)
+
+   # get basic auth decoded credentials
+   result.security['BasicAuth']
+
+   # get api key
+   result.security['ApiKeyAuth']
+
+Supported security types:
+
+* http – for Basic and Bearer HTTP authentications schemes
+* apiKey – for API keys and cookie authentication
+
 
 Customizations
 ##############