Subex · API Governance Rules

Subex API Rules

Spectral linting rules defining API design standards and conventions for Subex.

9 Rules: error 3, warn 4, hint 2

Rule Categories

subex

Rules

error
subex-operation-id-required
All Subex API operations must have an operationId
$.paths[*][get,post,put,patch,delete]
warn
subex-operation-id-camel-case
Subex operationIds use camelCase
$.paths[*][get,post,put,patch,delete].operationId
warn
subex-tags-required
All operations should have at least one tag
$.paths[*][get,post,put,patch,delete]
error
subex-bearer-auth
Subex API uses Bearer token authentication
$.components.securitySchemes
warn
subex-response-200
GET operations must define a 200 response
$.paths[*].get.responses
hint
subex-pagination-params
List operations should support pagination parameters
$.paths[*].get
hint
subex-error-401-defined
Operations should define a 401 unauthorized response
$.paths[*][get,post,put,patch,delete].responses
error
subex-servers-defined
API must define servers
$
warn
subex-info-contact
API should include contact information
$.info

Spectral Ruleset

# Subex API governance ruleset for Spectral.
# Builds on Spectral's built-in OpenAPI ruleset; the Subex-specific rules
# are declared under `rules`.
extends: "spectral:oas"
rules:
  # Every matched operation must carry a non-empty operationId.
  # Only get/post/put/patch/delete are selected by `given`; HEAD, OPTIONS and
  # TRACE operations are not matched by this rule.
  subex-operation-id-required:
    severity: error
    description: All Subex API operations must have an operationId
    message: "Operation at '{{path}}' is missing operationId"
    given: '$.paths[*][get,post,put,patch,delete]'
    then:
      function: truthy
      field: operationId

  # Naming convention for operationId values.
  # The pattern requires a lowercase first character followed by one or more
  # ASCII letters or digits, so single-character ids and ids containing '_',
  # '-' or '.' are reported. An all-lowercase id also matches.
  subex-operation-id-camel-case:
    severity: warn
    description: Subex operationIds use camelCase
    message: "operationId '{{value}}' should use camelCase"
    given: '$.paths[*][get,post,put,patch,delete].operationId'
    then:
      function: pattern
      functionOptions:
        match: '^[a-z][a-zA-Z0-9]+$'

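  # Every matched operation should list at least one tag.
  # `truthy` alone accepts `tags: []` (an empty array is truthy), so a second
  # check enforces a minimum length of one, matching the rule's description.
  # Only get/post/put/patch/delete operations are selected by `given`.
  subex-tags-required:
    description: All operations should have at least one tag
    message: "Operation at '{{path}}' should include tags"
    given: "$.paths[*][get,post,put,patch,delete]"
    severity: warn
    then:
      - field: tags
        function: truthy
      - field: tags
        function: length
        functionOptions:
          min: 1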

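  # Requires a security scheme named BearerAuth under
  # components.securitySchemes.
  # The check is anchored at the document root so that a document with no
  # `components` or no `securitySchemes` object fails the rule. A `given` that
  # points at securitySchemes itself matches nothing in that case, and the
  # rule would pass silently on an API that declares no authentication at all.
  # NOTE(review): only the presence of the BearerAuth entry is checked, not
  # its type/scheme, and not whether any operation references it through
  # `security` -- confirm that is enforced elsewhere.
  subex-bearer-auth:
    description: Subex API uses Bearer token authentication
    message: "API must define a BearerAuth security scheme"
    given: "$"
    severity: error
    then:
      function: schema
      functionOptions:
        schema:
          type: object
          required:
            - components
          properties:
            components:
              type: object
              required:
                - securitySchemes
              properties:
                securitySchemes:
                  type: object
                  required:
                    - BearerAuth
                  properties:
                    BearerAuth:
                      type: object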

  # GET operations are expected to document a 200 response.
  # The field name is quoted so it is matched as the string key "200" rather
  # than being parsed as an integer.
  subex-response-200:
    severity: warn
    description: GET operations must define a 200 response
    message: "GET operation at '{{path}}' must define a 200 response"
    given: '$.paths[*].get.responses'
    then:
      function: truthy
      field: '200'

  # Advisory check aimed at list endpoints.
  # As written it selects every GET operation and only tests that the
  # operation has a truthy `parameters` value; it does not look for parameters
  # named page/size, and it does not distinguish list operations from
  # single-resource reads.
  subex-pagination-params:
    severity: hint
    description: List operations should support pagination parameters
    message: "List operation at '{{path}}' should include page/size parameters"
    given: '$.paths[*].get'
    then:
      function: truthy
      field: parameters

  # Operations should document the 401 response returned when the caller is
  # not authenticated. Reported at hint severity only.
  # The field name is quoted so it is matched as the string key "401".
  # The message carries no {{path}} placeholder, so it does not itself name
  # the offending operation.
  subex-error-401-defined:
    severity: hint
    description: Operations should define a 401 unauthorized response
    message: "Operation should define a 401 response"
    given: '$.paths[*][get,post,put,patch,delete].responses'
    then:
      function: truthy
      field: '401'

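  # The document root must carry a non-empty `servers` list.
  # `truthy` alone accepts `servers: []` (an empty array is truthy), so a
  # second check enforces at least one entry, matching the rule's message.
  # Only presence is checked; the server URLs themselves (scheme, host) are
  # not inspected by this rule.
  subex-servers-defined:
    description: API must define servers
    message: "API must define at least one server"
    given: "$"
    severity: error
    then:
      - field: servers
        function: truthy
      - field: servers
        function: length
        functionOptions:
          min: 1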

  # The `info` object should include a `contact` entry.
  # Only the presence of a truthy `contact` value is tested; its fields
  # (name, url, email) are not inspected.
  subex-info-contact:
    severity: warn
    description: API should include contact information
    message: "API info must include contact details"
    given: '$.info'
    then:
      function: truthy
      field: contact