pre-defined-oauth2-authorization-server-in-server-configuration
Overview
This rule belongs to the openapi-v3-apimatic-linting ruleset and states that:
The authorization server referenced inside the OAuth 2.0 authentication definition must be pre-defined in the server configuration of the API.
| Property | Value |
|---|---|
| Enabled | Yes |
| Maximum Severity | Error |
| Message | The authorization server is not defined in API server configuration object. |
| Code | OPENAPI3APIMATIC_L910 |
| Type | Linting |
| Rule System | Semantic |
| Broad Category | OpenAPI OAuth 2.0 Flows |
| Products Impacted | API Transformer, Code Generation |
| Tags | openapi3 openapi apimatic semantic linting server oauth2 authorization server server configuration security scheme |
Suggested Fixes
- Make sure the server you reference within OAuth 2.0 authentication definition is defined with the same name under the server configuration of the API.
- Make sure the server name is not misspelled.
For More Information
- https://docs.apimatic.io/specification-extensions/swagger-server-configuration-extensions/#server-configuration-object
- https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.3.md#oauth-flow-object
- https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.3.md
- https://docs.apimatic.io/rulesets/overview/