Oura · API Governance Rules

Oura API Rules

Spectral linting rules defining API design standards and conventions for Oura.

7 Rules error 1 warn 5 info 1
View Rules File View on GitHub

Rule Categories

oura

Rules

warn
oura-paths-must-start-with-v2
All Oura paths must start with /v2/.
$.paths[*]~
warn
oura-info-title-must-be-oura-api
info.title should be 'Oura API'.
$.info.title
warn
oura-openapi-version-3_1
Oura uses OpenAPI 3.1.
$.openapi
warn
oura-operation-needs-summary
Every operation must have a summary.
$.paths.*[get,post,put,delete,patch]
error
oura-operation-needs-operationid
Every operation must have an operationId.
$.paths.*[get,post,put,delete,patch]
warn
oura-bearer-or-oauth2-security
Security schemes should include HTTPBearer and/or OAuth2.
$.components.securitySchemes
info
oura-sandbox-mirror-usercollection
Every /v2/sandbox/usercollection/* path should mirror a /v2/usercollection/* path.
$.paths[?(@property.match(/^\/v2\/sandbox\/usercollection\//))]~

Spectral Ruleset

Raw ↑ 
extends:
  - [spectral:oas, all]
documentationUrl: https://cloud.ouraring.com/v2/docs
description: Spectral ruleset capturing Oura Developer Cloud v2 conventions. Enforces consistent path prefixes,
  bearer-token security, and OpenAPI 3.1 compliance across the production usercollection, sandbox, and webhook
  surfaces.
rules:
  oura-paths-must-start-with-v2:
    description: All Oura paths must start with /v2/.
    message: "Path '{{value}}' should start with /v2/."
    severity: warn
    given: $.paths[*]~
    then:
      function: pattern
      functionOptions:
        match: "^/v2/"
  oura-info-title-must-be-oura-api:
    description: info.title should be 'Oura API'.
    severity: warn
    given: $.info.title
    then:
      function: pattern
      functionOptions:
        match: "^Oura API"
  oura-openapi-version-3_1:
    description: Oura uses OpenAPI 3.1.
    severity: warn
    given: $.openapi
    then:
      function: pattern
      functionOptions:
        match: "^3\\.1"
  oura-operation-needs-summary:
    description: Every operation must have a summary.
    severity: warn
    given: $.paths.*[get,post,put,delete,patch]
    then:
      field: summary
      function: truthy
  oura-operation-needs-operationid:
    description: Every operation must have an operationId.
    severity: error
    given: $.paths.*[get,post,put,delete,patch]
    then:
      field: operationId
      function: truthy
  oura-bearer-or-oauth2-security:
    description: Security schemes should include HTTPBearer and/or OAuth2.
    severity: warn
    given: $.components.securitySchemes
    then:
      function: truthy
  oura-sandbox-mirror-usercollection:
    description: Every /v2/sandbox/usercollection/* path should mirror a /v2/usercollection/* path.
    severity: info
    given: $.paths[?(@property.match(/^\/v2\/sandbox\/usercollection\//))]~
    then:
      function: truthy