Frontegg · API Governance Rules

Frontegg API Rules

Spectral linting rules defining API design standards and conventions for Frontegg.

9 Rules: 3 error, 3 warn, 3 info

Rule Categories

frontegg

Rules

error
frontegg-audits-operation-summary-required
Every operation MUST have a summary describing it.
$.paths[*][*]

warn
frontegg-audits-summary-title-case
Operation summaries MUST be in Title Case (Frontegg convention).
$.paths[*][*].summary

error
frontegg-audits-operation-tag-required
Every operation MUST have at least one tag.
$.paths[*][*]

warn
frontegg-audits-tag-title-case
Tag names MUST be in Title Case.
$.paths[*][*].tags[*]

warn
frontegg-audits-regional-server
Servers MUST include at least one regional Frontegg gateway (api.frontegg.com, api.us.frontegg.com, api.au.frontegg.com, api.ca.frontegg.com).
$.servers[*].url

info
frontegg-audits-bearer-auth-required
Frontegg APIs use JWT Bearer authentication; components.securitySchemes SHOULD declare it.
$

info
frontegg-audits-frontegg-tenant-header
When environment tokens are used, the frontegg-tenant-id header SHOULD be available as a parameter on management operations.
$.paths[*][*].parameters

error
frontegg-audits-response-2xx-required
Every operation MUST declare at least one 2xx response.
$.paths[*][*].responses

info
frontegg-audits-error-response-401
Authenticated operations SHOULD document 401 responses.
$.paths[*][*].responses

Spectral Ruleset

extends:
  - spectral:oas
rules:
  frontegg-audits-operation-summary-required:
    description: Every operation MUST have a summary describing it.
    given: $.paths[*][*]
    severity: error
    then:
      field: summary
      function: truthy
  frontegg-audits-summary-title-case:
    description: Operation summaries MUST be in Title Case (Frontegg convention).
    given: $.paths[*][*].summary
    severity: warn
    then:
      function: pattern
      functionOptions:
        match: "^[A-Z][A-Za-z0-9-]*( [A-Za-z0-9-]+)*$"
  frontegg-audits-operation-tag-required:
    description: Every operation MUST have at least one tag.
    given: $.paths[*][*]
    severity: error
    then:
      field: tags
      function: truthy
  frontegg-audits-tag-title-case:
    description: Tag names MUST be in Title Case.
    given: $.paths[*][*].tags[*]
    severity: warn
    then:
      function: pattern
      functionOptions:
        match: "^[A-Z][A-Za-z0-9 -]*$"
  frontegg-audits-regional-server:
    description: Servers MUST include at least one regional Frontegg gateway (api.frontegg.com, api.us.frontegg.com, api.au.frontegg.com, api.ca.frontegg.com).
    given: $.servers[*].url
    severity: warn
    then:
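      function: pattern
      functionOptions:
        # Unanchored: passes any URL that contains "frontegg.com" or "localhost",
        # so it does not limit servers to the four gateways named in the description.
        match: "(frontegg\\.com|localhost)"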
  frontegg-audits-bearer-auth-required:
    description: Frontegg APIs use JWT Bearer authentication; components.securitySchemes SHOULD declare it.
    given: $
    severity: info
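    then:
      # Only checks that components.securitySchemes is present; the declared
      # scheme type (HTTP bearer, JWT) is not inspected.
      field: components.securitySchemes
      function: truthy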
  frontegg-audits-frontegg-tenant-header:
    description: When environment tokens are used, the frontegg-tenant-id header SHOULD be available as a parameter on management operations.
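    # `given` selects only operations that already define a parameters array,
    # and truthy accepts any such array; the frontegg-tenant-id header itself
    # is not checked.
    given: $.paths[*][*].parameters
    severity: info
    then:
      function: truthy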
  frontegg-audits-response-2xx-required:
    description: Every operation MUST declare at least one 2xx response.
    given: $.paths[*][*].responses
    severity: error
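    then:
      function: schema
      functionOptions:
        schema:
          type: object
          patternProperties:
            "^2[0-9][0-9]$":
              type: object
          # Require at least one key matching 2xx. minProperties: 1 alone was
          # satisfied by any response code (for example a lone 404).
          not:
            propertyNames:
              not:
                pattern: "^2[0-9][0-9]$"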
  frontegg-audits-error-response-401:
    description: Authenticated operations SHOULD document 401 responses.
    given: $.paths[*][*].responses
    severity: info
    then:
      # Applies to every operation; it does not test whether the operation
      # is actually authenticated.
      field: "401"
      function: truthy