Skip to main content

pre-defined-security-scheme-for-applying-security

Overview

This rule belongs to the openapi-v3-standards-validation ruleset and states that:

The name specified for the security scheme in the Security Requirement Object must correspond with a Security Scheme definition in the global security schemes defined under the Components Object.

PropertyValue
EnabledYes
Maximum SeverityError
MessageThe security scheme name does not exist in the globally defined security schemes.
CodeOPENAPI3STANDARDS_V452
TypeValidation
Rule SystemSemantic
Broad CategorySecurity Requirements
Products ImpactedAPI Transformer, Code Generation, Developer Experience Portal
Tagsopenapi3 openapi standards semantic validation name security scheme security

Suggested Fixes

  • Add a definition for the security scheme under the Components Object security schemes if you haven't added already.
  • Make sure that the name assigned to the security scheme in the Security Requirement Object matches exactly with the name of a pre-defined security scheme under the Components Object security schemes. Names are compared in a case-sensitive manner.
  • If added by mistake, remove the undefined security scheme name entry from the Security Scheme Object.

For More Information