Apache APISIX · API Governance Rules

Apache APISIX API Rules

Spectral linting rules defining API design standards and conventions for Apache APISIX.

19 Rules error 8 warn 9 info 2

View Rules File View on GitHub

Rule Categories

apikey delete get info operation parameter paths response schema security servers

Rules

warn

info-title-prefix

API title must start with "Apache APISIX"

$.info.title

error

info-description-required

API must have a description.

$.info

error

info-version-required

API must declare a version.

$.info

error

servers-defined

At least one server must be defined.

error

operation-summary-required

Every operation must have a summary.

$.paths[*][get,post,put,patch,delete]

warn

operation-summary-starts-with-apache-apisix

Operation summaries must start with "Apache APISIX".

$.paths[*][get,post,put,patch,delete].summary

error

operation-operationId-required

Every operation must have an operationId.

$.paths[*][get,post,put,patch,delete]

warn

operation-operationId-camelCase

operationId must be camelCase.

$.paths[*][get,post,put,patch,delete].operationId

warn

operation-tags-required

Every operation must have at least one tag.

$.paths[*][get,post,put,patch,delete]

warn

operation-description-required

Every operation should have a description.

$.paths[*][get,post,put,patch,delete]

info

paths-kebab-case

Path segments must use kebab-case or standard patterns.

$.paths

warn

parameter-description-required

Every parameter must have a description.

$.paths[*][get,post,put,patch,delete].parameters[*]

error

response-success-required

Every operation must define at least one 2xx response.

$.paths[*][get,post,put,patch,delete].responses

error

response-description-required

Every response must have a description.

$.paths[*][get,post,put,patch,delete].responses[*]

warn

security-schemes-defined

Security schemes must be defined in components.

$.components

warn

apikey-in-header

API key authentication should use a header, not a query parameter.

$.components.securitySchemes[?(@.type=='apiKey')]

error

get-no-request-body

GET operations must not have a request body.

$.paths[*].get

info

delete-returns-200-or-204

DELETE operations should return 200 or 204.

$.paths[*].delete.responses

warn

schema-type-defined

Schema components must have a type defined.

$.components.schemas[*]