Penn Medicine · API Governance Rules

Penn Medicine API Rules

Spectral linting rules defining API design standards and conventions for Penn Medicine.

Penn Medicine API Rules is a Spectral governance ruleset published by Penn Medicine on the APIs.io network, containing 4 lint rules.

The ruleset includes 2 error-severity rules and 2 warning-severity rules.

Tagged areas include Healthcare, Hospital, Academic Medical Center, FHIR, and SMART On FHIR.

Rulesets can be applied to your own OpenAPI specs via Spectral to enforce the same governance standards.


Rule Categories

penn

Rules

penn-medicine-server-url (error)
All Penn Medicine API specs must reference the production FHIR R4 base URL.
Given: $.servers[*].url

penn-medicine-operation-summary-title-case (warn)
Operation summaries must use Title Case.
Given: $.paths[*][get,post,put,patch,delete].summary

penn-medicine-smart-on-fhir-security (error)
Every Penn Medicine spec must declare the smartOnFhir OAuth2 security scheme.
Given: $.components.securitySchemes

penn-medicine-canonical-tags (warn)
Operations must carry one of the canonical Penn Medicine tags.
Given: $.paths[*][get,post,put,patch,delete].tags[*]

Spectral Ruleset

extends: spectral:oas
rules:
  penn-medicine-server-url:
    description: All Penn Medicine API specs must reference the production FHIR R4 base URL.
    severity: error
    given: $.servers[*].url
    then:
      function: pattern
      functionOptions:
        match: '^https://ssproxy\.pennhealth\.com/PRD-FHIR/api/FHIR/R4$'

  penn-medicine-operation-summary-title-case:
    description: Operation summaries must use Title Case.
    severity: warn
    given: $.paths[*][get,post,put,patch,delete].summary
    then:
      function: pattern
      functionOptions:
        match: '^([A-Z][a-zA-Z0-9]*)(\s[A-Z][a-zA-Z0-9]*)*$'

  penn-medicine-smart-on-fhir-security:
    description: Every Penn Medicine spec must declare the smartOnFhir OAuth2 security scheme.
    severity: error
    given: $.components.securitySchemes
    then:
      field: smartOnFhir
      function: truthy

  penn-medicine-canonical-tags:
    description: Operations must carry one of the canonical Penn Medicine tags.
    severity: warn
    given: $.paths[*][get,post,put,patch,delete].tags[*]
    then:
      function: enumeration
      functionOptions:
        values:
          - Patient Access
          - Provider Directory
          - Bulk Data
          - SMART