BBVA · API Governance Rules
BBVA API Rules
Spectral linting rules defining API design standards and conventions for BBVA.
6 Rules
error 2
warn 3
info 1
Rule Categories
bbva
Rules
error
bbva-bearer-auth-required
BBVA API operations must use OAuth 2.0 Bearer token authentication.
$.paths[?([email protected]('(token|oauth)'))].*.security
error
bbva-operation-id-required
All BBVA API operations must have an operationId.
$.paths.*.*
warn
bbva-response-200-required
All GET operations should define a 200 success response.
$.paths.*.get.responses
warn
bbva-error-response-400
Operations should define a 400 error response for bad requests.
$.paths.*.*.responses
info
bbva-country-header-documented
BBVA multi-country APIs should document country selection mechanism.
$.info
warn
bbva-iban-format
IBAN fields should use string format with pattern constraint.
$.components.schemas..[?(@property === 'iban')]