OpenAPI format requires specific sections to be present in the API contract file. These include, for example:

  • General API information
  • Location of the API endpoint
  • The resources and HTTP verbs the API exposes
  • Formats of incoming and outgoing data communications
  • Errors

If the structure of your API is not well-formed, it may not be possible to audit its security.

This section provides details of the possible issues with the structure of your OpenAPI contract and how you can fix the issues.

Copyright 42Crunch 2021