This rule belongs to the
apimatic-preliminary-linting ruleset and states that:
APIs almost always require only authorized users to make requests to the API server. For this, a particular authentication mechanism is required to be followed. If the API requires authentication, the authentication mechanism must be defined globally in the authentication section of the relevant API description format. Endpoints not requiring any authentication can be excluded as required.
|Message||No authentication mechanism defined for this API.|
|Products Impacted||Code Generation, Developer Experience Portal, API Transformer|
- If the API uses any kind of authentication, it must be defined in the global authentication section.
- If your API uses a custom authentication flow, it can be manually defined using endpoints. The global authentication mechanism may be skipped in that case.