SAP Integration Suite · API Governance Rules

SAP Integration Suite API Rules

Spectral linting rules defining API design standards and conventions for SAP Integration Suite.

11 Rules error 1 warn 10
View Rules File View on GitHub

Rule Categories

sap

Rules

warn
sap-odata-entity-pascal-case
SAP OData entity set names must use PascalCase
$.paths[*]~
warn
sap-odata-key-notation
OData key predicates must use parenthetical notation
$.paths[*]~
warn
sap-operation-id-camel-case
Operation IDs must use camelCase
$.paths[*][*].operationId
error
sap-operation-summary-required
All operations must have a summary
$.paths[*][get,post,put,patch,delete]
warn
sap-odata-filter-parameter
OData filter parameters must be named $filter
$.paths[*][get].parameters[*]
warn
sap-odata-pagination-parameters
OData pagination parameters must use $top and $skip
$.paths[*][get].parameters[*]
warn
sap-schema-description
Schema properties should have descriptions
$.components.schemas[*].properties[*]
warn
sap-oauth2-security-defined
SAP APIs should use OAuth2 authentication
$.components.securitySchemes
warn
sap-tags-title-case
Tags must use Title Case
$.paths[*][*].tags[*]
warn
sap-operation-description
Operations should have descriptions
$.paths[*][get,post,put,patch,delete]
warn
sap-401-response-defined
Secured operations should define 401 response
$.paths[*][get,post,put,patch,delete].responses

Spectral Ruleset

Raw ↑ 
extends: spectral:oas
rules:
  # SAP OData entity naming conventions
  sap-odata-entity-pascal-case:
    description: SAP OData entity set names must use PascalCase
    message: Entity set path segment '{{value}}' should use PascalCase (e.g., IntegrationPackages not integration-packages)
    severity: warn
    given: "$.paths[*]~"
    then:
      function: pattern
      functionOptions:
        match: "^(/[A-Z][a-zA-Z]*|/\\{[a-z][a-zA-Z]*\\})+$"

  # OData key notation in paths
  sap-odata-key-notation:
    description: OData key predicates must use parenthetical notation
    message: OData key segments should use parenthetical notation (e.g., /Entities('{Id}'))
    severity: warn
    given: "$.paths[*]~"
    then:
      function: pattern
      functionOptions:
        match: "^.*$"

  # SAP operation IDs must be camelCase
  sap-operation-id-camel-case:
    description: Operation IDs must use camelCase
    message: OperationId '{{value}}' should use camelCase
    severity: warn
    given: "$.paths[*][*].operationId"
    then:
      function: pattern
      functionOptions:
        match: "^[a-z][a-zA-Z0-9]*$"

  # All operations must have summaries
  sap-operation-summary-required:
    description: All operations must have a summary
    message: Operation is missing a summary
    severity: error
    given: "$.paths[*][get,post,put,patch,delete]"
    then:
      field: summary
      function: truthy

  # OData filter parameter should use $filter naming
  sap-odata-filter-parameter:
    description: OData filter parameters must be named $filter
    message: Filter parameters in OData APIs should be named '$filter'
    severity: warn
    given: "$.paths[*][get].parameters[*]"
    then:
      function: schema
      functionOptions:
        schema:
          if:
            properties:
              name:
                pattern: "filter"
          then:
            properties:
              name:
                enum:
                  - "$filter"

  # OData pagination parameters
  sap-odata-pagination-parameters:
    description: OData pagination parameters must use $top and $skip
    message: Pagination parameter should be named '$top' or '$skip'
    severity: warn
    given: "$.paths[*][get].parameters[*]"
    then:
      function: schema
      functionOptions:
        schema:
          if:
            properties:
              name:
                pattern: "^(top|skip)$"
          then:
            properties:
              name:
                enum:
                  - "$top"
                  - "$skip"

  # All schemas should have descriptions
  sap-schema-description:
    description: Schema properties should have descriptions
    message: Property '{{path}}' is missing a description
    severity: warn
    given: "$.components.schemas[*].properties[*]"
    then:
      field: description
      function: truthy

  # OAuth2 security must be defined
  sap-oauth2-security-defined:
    description: SAP APIs should use OAuth2 authentication
    message: OAuth2 security scheme should be defined for SAP APIs
    severity: warn
    given: "$.components.securitySchemes"
    then:
      field: oauth2
      function: truthy

  # Tags must use Title Case
  sap-tags-title-case:
    description: Tags must use Title Case
    message: Tag '{{value}}' should use Title Case
    severity: warn
    given: "$.paths[*][*].tags[*]"
    then:
      function: pattern
      functionOptions:
        match: "^[A-Z][a-zA-Z]*(\\s[A-Z][a-zA-Z]*)*$"

  # Operations must have descriptions
  sap-operation-description:
    description: Operations should have descriptions
    message: Operation is missing a description
    severity: warn
    given: "$.paths[*][get,post,put,patch,delete]"
    then:
      field: description
      function: truthy

  # Response 401 must be defined for secured operations
  sap-401-response-defined:
    description: Secured operations should define 401 response
    message: Operation is missing a 401 Unauthorized response
    severity: warn
    given: "$.paths[*][get,post,put,patch,delete].responses"
    then:
      field: "401"
      function: truthy