Citizens Financial Group · API Governance Rules
Citizens Financial Group API Rules
Spectral linting rules defining API design standards and conventions for Citizens Financial Group.
6 Rules
error 3
warn 3
Rule Categories
citizens
Rules
error
citizens-https-only
All Citizens API servers MUST use HTTPS.
$.servers[*].url
error
citizens-oauth-required
Citizens APIs MUST declare an OAuth 2.0 security scheme for consented data access.
$.components.securitySchemes
error
citizens-operation-id
Operations MUST have an operationId.
$.paths[*][get,post,put,delete,patch]
warn
citizens-tag-required
Operations MUST be tagged for product domain grouping.
$.paths[*][get,post,put,delete,patch].tags
warn
citizens-info-contact
API info MUST contain a contact for security disclosures.
$.info
warn
citizens-fdx-alignment
Open banking endpoints SHOULD align with Financial Data Exchange (FDX) field names.
$.components.schemas