The OpenAPI Specification (OAS) is a standard open source interface description for REST APIs. It is programming language-agnostic and both human and machine readable. Any API consumer can understand what a web application or service can do and interact with it without accessing the source code, additional documentation, or inspecting network traffic.

The OAS is a community-driven specification maintained and developed by the OpenAPI Initiative (OAI). This is a collaborative open source project under Linux Foundation, and 42Crunch is actively participating in the project. The founding companies include such big names as Google, IBM, and Microsoft, and SmartBear Software donated their Swagger Specification to the OAI as the basis for OAS. The variety in participants has helped to keep the description format vendor neutral.

Formerly known as Swagger specification, the OAS has emerged as a widely adopted way of documenting REST APIs. It offers a standard format with large tooling support. Instead of trying to deduce the intent of an API from its behavior or source code, the standard OpenAPI contract makes it easier to communicate this clearly.

One of the key functions that the standard contract can enable is API security, because it provides a way for developers, operations, and security people across teams to speak in common language. When all teams building both the API and the infrastructure the API is going to sit in can clearly communicate the intent, requirements, and outcome, it is also easier and more reliable to uncover, understand, and mitigate security risks. This idea is in the core of 42Crunch Platform.