Qodex.ai

Linting Rules - OpenAPI V3 HTTPS Only

Number of APIs: 1

This is a Spectral governance rule to enforce that OpenAPI is only using HTTPS for the server protocol. Here is a JSON version of the rule that can be applied using this API-driven collection API, or at CLI or CI/CD pipeline.

{
  "openapi-v3-https-only": {
    "description": "Ensures that all APIs are only using HTTPS protocol as a transport.",
    "message": "You must only use HTTPS for the server transport protocol.",
    "formats": [
      "oas3"
    ],
    "severity": "error",
    "given": "$.servers..url",
    "then": {
      "function": "pattern",
      "functionOptions": null,
      "match": "/^https:/"
    }
  }
}

This request can be run as part of this collection, or dragged and dropped to another collection of governance requests organized by folder, demonstrating how API governance linting works, but also providing a rule that can be used as part of your wider API governance strategy.

  1. OpenAPI V3 HTTPS Only POST {{baseUrl}}/linter?rulesUrl=https://rules.linting.org/rules/openapi-v3-https-only/