Validate only one of two security options

Hello!

I'm developing an API with FastAPI, and I have 2 types of security: oauth2 and api_key (from headers).

Some endpoint use oauth2 (basically interactions from frontend), and others use api_key (for some automations), and all works fine.

My question is: is it possible to combine these two options, but be enough that one of them is fulfilled?

I have tried several approaches, but I can't get it to work (at least via Postman). I imagine that one type of authorization “overrides” the other (I have to use either oauth2 or api_key when I make the request, but check both).

Any idea?

Thanks a lot!