BeyondTrust · API Governance Rules

BeyondTrust API Rules

Spectral linting rules defining API design standards and conventions for BeyondTrust.

23 Rules error 10 warn 11 info 2

View Rules File View on GitHub

Rule Categories

credential http info no openapi operation parameter response schema security servers

Rules

warn

info-title-prefix

API title should start with "BeyondTrust"

$.info.title

error

info-description-required

API info must have a description

$.info

error

info-version-required

API must specify a version

$.info

warn

openapi-version-3

Should use OpenAPI 3.0.x

$.openapi

error

servers-defined

At least one server must be defined

error

operation-summary-required

All operations must have a summary

$.paths[*][get,post,put,patch,delete]

warn

operation-summary-prefix

Operation summaries should start with "BeyondTrust"

$.paths[*][get,post,put,patch,delete].summary

error

operation-id-required

All operations must have operationId

$.paths[*][get,post,put,patch,delete]

warn

operation-id-camel-case

operationId should use camelCase

$.paths[*][get,post,put,patch,delete].operationId

warn

operation-tags-required

Operations must have tags

$.paths[*][get,post,put,patch,delete]

warn

operation-description-required

Operations should have descriptions

$.paths[*][get,post,put,patch,delete]

warn

parameter-description-required

Parameters must have descriptions

$.paths[*][get,post,put,patch,delete].parameters[*]

error

response-success-required

Operations must define a success response

$.paths[*][get,post,put,patch,delete].responses

error

response-description-required

Response descriptions are required

$.paths[*][get,post,put,patch,delete].responses[*]

info

response-401-for-auth

Auth endpoints should return 401 on failure

$.paths[*][post].responses

warn

schema-description-required

Component schemas should have descriptions

$.components.schemas[*]

info

schema-pascal-case-names

Schema names should use PascalCase

$.components.schemas

error

security-schemes-defined

Security schemes must be defined

$.components

warn

security-global-defined

Global security should be defined

error

http-get-no-body

GET operations should not have request bodies

$.paths[*].get

warn

http-delete-no-body

DELETE operations should not have request bodies

$.paths[*].delete

error

credential-endpoint-secured

Credential retrieval endpoints must require authentication

$.paths['/requests/{requestId}/credentials'].get

warn

no-empty-descriptions

Descriptions should not be empty

$..description