OpenAPI format requires specific sections to be present in the API contract file. These include, for example:

  • General API information
  • Location of the API endpoint
  • The resources and HTTP verbs the API exposes
  • Formats of incoming and outgoing data communications
  • Errors

If the structure of your API is not well-formed, it may not be possible to audit its security.

This section provides details of the possible issues with the structure of your OpenAPI contract and how you can fix the issues.