diff --git a/auth/store.go b/auth/store.go
index 6b68196f796c..fb5e74c1df14 100644
--- a/auth/store.go
+++ b/auth/store.go
@@ -1000,23 +1000,23 @@ func (as *authStore) AuthInfoFromCtx(ctx context.Context) (*AuthInfo, error) {
 		return nil, nil
 	}
 
-	for k := range md {
-		if k == "token" || k == "authorization" {
-			ts, tok := md[k]
-			if !tok {
-				return nil, nil
-			}
-			token := ts[0]
-			authInfo, uok := as.authInfoFromToken(ctx, token)
-			if !uok {
-				plog.Warningf("invalid auth token: %s", token)
-				return nil, ErrInvalidAuthToken
-			}
-			plog.Debugf("checking value in loop %s", k)
-			return authInfo, nil
-		}
+	//TODO(mitake|hexfusion) review unifying key names
+	ts, ok := md["token"]
+	if !ok {
+		ts, ok = md["authorization"]
+	}
+	if !ok {
+		return nil, nil
 	}
-	return nil, nil
+
+	token := ts[0]
+	authInfo, uok := as.authInfoFromToken(ctx, token)
+	if !uok {
+		plog.Warningf("invalid auth token: %s", token)
+		return nil, ErrInvalidAuthToken
+	}
+
+	return authInfo, nil
 }
 
 func (as *authStore) GenTokenPrefix() (string, error) {
diff --git a/scripts/genproto.sh b/scripts/genproto.sh
index 1b46073459d3..05db756877a3 100755
--- a/scripts/genproto.sh
+++ b/scripts/genproto.sh
@@ -101,6 +101,10 @@ for pb in etcdserverpb/rpc api/v3lock/v3lockpb/v3lock api/v3election/v3electionp
 done
 rm -rf Documentation/dev-guide/apispec/swagger/etcdserver/
 
+# append security to swagger spec
+go get -u "github.com/hexfusion/schwag"
+schwag -input=Documentation/dev-guide/apispec/swagger/rpc.swagger.json
+
 # install protodoc
 # go get -v -u github.com/coreos/protodoc
 #