x-42c extensions

The following 42Crunch vendor extensions to the OpenAPI Specification (OAS) enable you to enrich your OpenAPI definitions with security information for API Firewall and provide additional instructions to other features in 42Crunch Platform.

Security extensions

The security extensions control what security measures API Firewall applies to API traffic. For the most part, they define what protections are applied and where. They are used by the compiler in API Firewall when it builds the sequences of actions for incoming requests and outgoing responses.

For more details on how to use these extensions, see Apply security as code. For the vendor extensions and the descriptions for available protections, see Protections.

Other extensions

You can use the following extensions in your API definitions to provide additional instructions to API Contract Security Audit or API Contract Conformance Scan. These extensions are not used by the compiler in API Firewall when it builds the protection sequences.