pre-defined-security-scheme-for-applying-security
Overview
This rule belongs to the openapi-v3-standards-validation ruleset and states that:
The name specified for the security scheme in the Security Requirement Object must correspond with a Security Scheme definition in the global security schemes defined under the Components Object.
| Property | Value |
|---|---|
| Enabled | Yes |
| Maximum Severity | Error |
| Message | The security scheme name does not exist in the globally defined security schemes. |
| Code | OPENAPI3STANDARDS_V452 |
| Type | Validation |
| Rule System | Semantic |
| Broad Category | Security Requirements |
| Products Impacted | API Transformer, Code Generation, Developer Experience Portal |
| Tags | openapi3 openapi standards semantic validation name security scheme security |
Suggested Fixes
- Add a definition for the security scheme under the Components Object security schemes if you haven't added already.
- Make sure that the name assigned to the security scheme in the Security Requirement Object matches exactly with the name of a pre-defined security scheme under the Components Object security schemes. Names are compared in a case-sensitive manner.
- If added by mistake, remove the undefined security scheme name entry from the Security Scheme Object.
For More Information
- https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.3.md#openapi-specification
- https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.1.0.md#security-requirement-object
- https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.1.0.md#security-scheme-object
- https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.1.0.md#componentsSecuritySchemes
- https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.1.0.md#componentsObject
- https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.3.md#security-requirement-object
- https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.3.md#security-scheme-object
- https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.3.md#componentsSecuritySchemes
- https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.3.md#components-object
- https://docs.apimatic.io/rulesets/overview/