CMiC · API Governance Rules
CMiC API Rules
Spectral linting rules defining API design standards and conventions for CMiC.
9 Rules
error 4
warn 5
Rule Categories
cmic
Rules
error
cmic-info-contact
API contact information must be present.
$.info
error
cmic-server-https
All server URLs must use HTTPS.
$.servers[*].url
warn
cmic-server-host
Production server should target api.cmic.ca.
$.servers[*].url
error
cmic-oauth-security
An OAuth 2.0 security scheme must be defined.
$.components.securitySchemes[*]
error
cmic-operation-id
Every operation must declare a unique operationId.
$.paths[*][get,post,put,patch,delete]
warn
cmic-operation-tags
Operations must declare at least one tag.
$.paths[*][get,post,put,patch,delete]
warn
cmic-list-pagination
List GET operations should accept limit and offset parameters.
$.paths[*].get[?(@.operationId && @.operationId.match(/^list/))]
warn
cmic-error-responses
Operations must declare 401 and 403 responses.
$.paths[*][get,post,put,patch,delete].responses
warn
cmic-rest-base-path
Server URLs should include the /rest base path.
$.servers[?(@.url && @.url.indexOf('api.cmic.ca') > -1)].url