required-api-key-authorization-pass-as

Overview

This rule belongs to the swagger-v1-validation ruleset and states that:

If the authorization type is API Key (i.e. type is set to apiKey), the Authorization Object must specify how the API key parameter must be passed, using the passAs property. Valid values for it are query or header. If a value is not provided, query will be assumed by default automatically during import/transformations into APIMatic.

Property	Value
Enabled	Yes
Maximum Severity	Error
Message	Required passAs property in API key Authorization Object is missing.
Code	SWAGGER1_V402
Type	Validation
Rule System	Semantic
Broad Category	Authorizations
Products Impacted	API Transformer, Code Generation, Developer Experience Portal
Tags	swagger1 swagger semantic validation pass as api key type authorization

Suggested Fixes

• Add missing passAs property in the Authorization Object.
• Make sure that the passAs property is not null or empty.
• Ensure that the passAs property has one of the following values: query, or header.
• Choose a different authorization type if API key configuration is not applicable in your API authentication's case.

For More Information

• https://github.com/OAI/OpenAPI-Specification/blob/main/versions/1.2.md#515-authorization-object
• https://github.com/OAI/OpenAPI-Specification/blob/main/versions/1.2.md
• https://docs.apimatic.io/rulesets/overview/