Skip to main content



This rule belongs to the openapi-v3-standards-validation ruleset and states that:

If the security scheme type is API Key (i.e. type is set to apiKey), the Security Scheme Object must specify a name for the API Key parameter using the name property.

Maximum SeverityError
MessageRequired property name in API key Security Scheme Object is missing.
Rule SystemSemantic
Broad CategorySecurity Schemes
Products ImpactedAPI Transformer, Code Generation, Developer Experience Portal
Tagsopenapi3 openapi standards semantic validation name api key type security scheme security

Suggested Fixes

  • Add missing name property in the Security Scheme Object.
  • Make sure that the name property is not null or empty.
  • Choose a different security scheme type if API key name is not applicable in your API authentication's case.

For More Information