api-authentication-mechanism-defined

Overview

This rule belongs to the apimatic-preliminary-linting ruleset and states that:

APIs almost always require only authorized users to make requests to the API server. For this, a particular authentication mechanism is required to be followed. If the API requires authentication, the authentication mechanism must be defined globally in the authentication section of the relevant API description format. Endpoints not requiring any authentication can be excluded as required.

Property	Value
Enabled	Yes
Maximum Severity	Information
Message	No authentication mechanism defined for this API.
Code	APIMATICPRE_L022
Type	Linting
Rule System	Semantic
Broad Category	Authentication
Products Impacted	Code Generation, Developer Experience Portal, API Transformer
Tags	preliminary checks linting apimatic authentication authorization

Suggested Fixes

• If the API uses any kind of authentication, it must be defined in the global authentication section.
• If your API uses a custom authentication flow, it can be manually defined using endpoints. The global authentication mechanism may be skipped in that case.

For More Information

• https://docs.apimatic.io/define-apis/api-authentication
• https://docs.apimatic.io/advanced/oauth2-authorization/
• https://docs.apimatic.io/rulesets/overview/