When OpenAPI resource does not specify any security requirement, the 3scale toolbox enables anonymous access policy in 3scale. It requires application user key which is asked to the user.

The import openapi command should create (if it does not exist):

• Application plan for the service if it does not exist.
• Application with the given user key if it does not exist.

GH issue: https://github.com/3scale/3scale_toolbox/issues/177