no-endpoint-authorization-header

Overview

This rule belongs to the apimatic-preliminary-linting ruleset and states that:

A declaration of Authorization header at endpoint level is not recommended. Alternatively, make use of the appropriate authentication scheme for the API which will automatically enable the authentication globally for all your endpoints except those that do not require authentication.

Property	Value
Enabled	Yes
Maximum Severity	Information
Message	Authorization header declaration found in endpoint headers.
Code	APIMATICPRE_L044
Type	Linting
Rule System	Semantic
Broad Category	Endpoints
Products Impacted	Code Generation, Developer Experience Portal, API Transformer
Tags	preliminary checks linting apimatic authentication endpoint authorization headers request headers

Suggested Fixes

• Make use of a global API authentication scheme and remove all inline declarations of endpoint level Authorization headers.
• If an endpoint does not require authentication, enable the Skip Authentication flag for that endpoint.

For More Information

• https://docs.apimatic.io/define-apis/api-authentication
• https://docs.apimatic.io/define-apis/endpoints#advanced-settings:~:text=Skip%20authentication
• https://docs.apimatic.io/rulesets/overview/