no-x-security-scheme-name-without-openapi

You can only use schemeName in x-security if the step request does not include x-operation.

Arazzo	Compatibility
1.x	✅

API design principles

This is a Respect specific rule. You must use an OpenAPI operation in a step to be able to reference schemeName inside x-security extension.

Configuration

Option	Type	Description
severity	string	Possible values: `off`, `warn`, `error`. Default: `off`.

An example configuration:

arazzoRules:
  no-x-security-scheme-name-without-openapi: error

Examples

Given the following configuration:

arazzoRules:
  no-x-security-scheme-name-without-openapi: error

Example 1 of an entry:

stepId: step-without-openapi-operation-and-security-scheme-name
x-operation:
  method: GET
  url: https://api.example.com/v1/users
x-security:
  - scheme:
      type: http
      scheme: basic
    values:
      username: test@example.com
      password: 123456

Example 2 of an entry:

stepId: step-with-openapi-operation
operationId: museum-api.getMuseumHours
x-security:
  - schemeName: MuseumPlaceholderAuth
    values:
      username: todd@example.com
      password: 123456

Resources

Rule source

no-x-security-scheme-name-without-openapi

API design principles

Configuration

Examples

Resources

Was this helpful?