x-42c extensions

The x-42c vendor extensions by to the OpenAPI Specification (OAS) enable you to enrich your OpenAPI definitions with security information for API Firewall and provide additional instructions to other features in 42Crunch API Security Platform.

Available extensions

The extensions can be divided into two main groups:

Extension scope

Extensions can have different scope depending on which level in your OpenAPI definition you add them:

• Global level: The extension applies to the whole API: all paths, operations, and responses.
• Path level: The extension applies to a specific path, including all operations and responses defined in it.
• Operation level: The extension is applied to a specific operation and its responses.
• Response level: The extension is applied to all responses defined for an operation.
• Status level: The extension is applied to a specific HTTP status code or the default response.

# ...
paths:
    /apis:
        x-42c-local-strategy:
            x-42c-strategy:
                protections:
                    - x-42c-request-limiter_0.1:                # path level
                        # ...
        get:
            x-42c-local-strategy:
                x-42c-strategy:
                    protections:
                        - x-42c-request-limiter_0.1:            # operation level
                            # ...
            parameters:
                # ...
            responses: 
                x-42c-local-strategy:
                    x-42c-strategy:
                        protections:
                            - x-42c-security-headers_0.1:       # response level
                                # ...
                200: 
                    x-42c-local-strategy:
                        x-42c-strategy:
                            protections:
                                - x-42c-security-headers_0.1:   # status level
                                    # ...