Specification
+Versions
+The Arazzo Specification is versioned using a major.minor.patch versioning scheme. The major.minor portion of the version string (for example 1.0) SHALL designate the Arazzo feature set. .patch versions address errors in, or provide clarifications to, this document, not the feature set. The patch version SHOULD NOT be considered by tooling, making no distinction between 1.0.0 and 1.0.1 for example.
Format
+An Arazzo Description that conforms to the Arazzo Specification is itself a JSON object, which may be represented either in JSON or YAML format.
+All field names in the specification are case sensitive. +This includes all fields that are used as keys in a map, except where explicitly noted that keys are case insensitive.
+In order to preserve the ability to round-trip between YAML and JSON formats, YAML version 1.2 is RECOMMENDED along with some additional constraints:
+-
+
- Tags MUST be limited to those allowed by the JSON Schema ruleset. +
- Keys used in YAML maps MUST be limited to a scalar string, as defined by the YAML Failsafe schema ruleset. +
Arazzo Description Structure
+It is RECOMMENDED that the entry Arazzo document be named: arazzo.json or arazzo.yaml.
An Arazzo Description MAY be made up of a single document or be divided into multiple, connected parts at the discretion of the author. If workflows from other documents are being referenced, they must by included as a Source Description Object. In a multi-document description, the document containing the Arazzo Specification Object is known as the entry Arazzo document.
+Data Types
+Data types in the Arazzo Specification are based on the types supported by the JSON Schema Specification Draft 2020-12. Note that integer as a type is also supported and is defined as a JSON number without a fraction or exponent part.
+As defined by the JSON Schema Validation vocabulary, data types can have an optional modifier property: format. Arazzo additionally supports the formats (similar to the OpenAPI specification) to provide fine detail for primitive data types.
The formats defined are:
+type |
+format |
+Comments | +
|---|---|---|
integer |
+int32 |
+signed 32 bits | +
integer |
+int64 |
+signed 64 bits (a.k.a long) | +
number |
+float |
++ |
number |
+double |
++ |
string |
+password |
+A hint to UIs to obscure input. | +
Relative References in URLs
+Unless specified otherwise, all properties that are URLs MAY be relative references as defined by [[!RFC3986]]. +Unless specified otherwise, relative references are resolved using the URL of the referring document.
+Schema
+In the following description, if a field is not explicitly REQUIRED or described with a MUST or SHALL, it can be considered OPTIONAL.
+Arazzo Specification Object
+This is the root object of the Arazzo Description.
+Fixed Fields
+| Field Name | +Type | +Description | +
|---|---|---|
| arazzo | +string |
+REQUIRED. This string MUST be the version number of the Arazzo Specification that the Arazzo Description uses. The arazzo field MUST be used by tooling to interpret the Arazzo Description. |
+
| info | +Info Object | +REQUIRED. Provides metadata about the workflows contain within the Arazzo Description. The metadata MAY be used by tooling as required. | +
| sourceDescriptions | +[Source Description Object] | +REQUIRED. A list of source descriptions (such as an OpenAPI description) this Arazzo Description SHALL apply to. The list MUST have at least one entry. | +
| workflows | +[Workflow Object] | +REQUIRED. A list of workflows. The list MUST have at least one entry. | +
| components | +Components Object | +An element to hold various schemas for the Arazzo Description. | +
This object MAY be extended with Specification Extensions.
+Arazzo Specification Object Example
+
+arazzo: 1.0.0
+info:
+ title: A pet purchasing workflow
+ summary: This Arazzo Description showcases the workflow for how to purchase a pet through a sequence of API calls
+ description: |
+ This Arazzo Description walks you through the workflow and steps of `searching` for, `selecting`, and `purchasing` an available pet.
+ version: 1.0.1
+sourceDescriptions:
+- name: petStoreDescription
+ url: https://github.com/swagger-api/swagger-petstore/blob/master/src/main/resources/openapi.yaml
+ type: openapi
+
+workflows:
+- workflowId: loginUserAndRetrievePet
+ summary: Login User and then retrieve pets
+ description: This workflow lays out the steps to login a user and then retrieve pets
+ inputs:
+ type: object
+ properties:
+ username:
+ type: string
+ password:
+ type: string
+ steps:
+ - stepId: loginStep
+ description: This step demonstrates the user login step
+ operationId: loginUser
+ parameters:
+ # parameters to inject into the loginUser operation (parameter name must be resolvable at the referenced operation and the value is determined using {expression} syntax)
+ - name: username
+ in: query
+ value: $inputs.username
+ - name: password
+ in: query
+ value: $inputs.password
+ successCriteria:
+ # assertions to determine step was successful
+ - condition: $statusCode == 200
+ outputs:
+ # outputs from this step
+ tokenExpires: $response.header.X-Expires-After
+ rateLimit: $response.header.X-Rate-Limit
+ sessionToken: $response.body
+ - stepId: getPetStep
+ description: retrieve a pet by status from the GET pets endpoint
+ operationPath: '{$sourceDescriptions.petstoreDescription.url}#/paths/~1pet~1findByStatus/get'
+ parameters:
+ - name: status
+ in: query
+ value: 'available'
+ - name: Authorization
+ in: header
+ value: $steps.loginUser.outputs.sessionToken
+ successCriteria:
+ - condition: $statusCode == 200
+ outputs:
+ # outputs from this step
+ availablePets: $response.body
+ outputs:
+ available: $steps.getPetStep.availablePets
+Info Object
+The object provides metadata about API workflows defined in this Arazzo document. +The metadata MAY be used by the clients if needed.
+Fixed Fields
+| Field Name | +Type | +Description | +
|---|---|---|
| title | +string |
+REQUIRED. A human readable title of the Arazzo Description. | +
| summary | +string |
+A short summary of the Arazzo Description. | +
| description | +string |
+A description of the purpose of the workflows defined. CommonMark syntax MAY be used for rich text representation. | +
| version | +string |
+REQUIRED. The version identifier of the Arazzo document (which is distinct from the Arazzo Specification version). | +
This object MAY be extended with Specification Extensions.
+Info Object Example
+
+title: A pet purchasing workflow
+summary: This workflow showcases how to purchase a pet through a sequence of API calls
+description: |
+ This workflow walks you through the steps of searching for, selecting, and purchasing an available pet.
+version: 1.0.1
+Source Description Object
+Describes a source description (such as an OpenAPI description) that will be referenced by one or more workflows described within an Arazzo Description.
+An object storing a map between named description keys and location URLs to the source descriptions (such as an OpenAPI description) this Arazzo Description SHALL apply to. Each source location string MUST be in the form of a URI-reference as defined by RFC3986 section 4.1.
Fixed Fields
+| Field Name | +Type | +Description | +
|---|---|---|
| name | +string |
+REQUIRED. A unique name for the source description. Tools and libraries MAY use the name to uniquely identify a source description, therefore, it is RECOMMENDED to follow common programming naming conventions. SHOULD conform to the regular expression [A-Za-z0-9_\-]+. |
+
| url | +string |
+REQUIRED. A URL to a source description to be used by a workflow. If a relative reference is used, it MUST be in the form of a URI-reference as defined by RFC3986 section 4.2. | +
| type | +string |
+The type of source description. Possible values are "openapi" or "arazzo". |
+
This object MAY be extended with Specification Extensions.
+Source Description Object Example
+
+name: petStoreDescription
+url: https://github.com/swagger-api/swagger-petstore/blob/master/src/main/resources/openapi.yaml
+type: openapi
+Workflow Object
+Describes the steps to be taken across one or more APIs to achieve an objective. The workflow object MAY define inputs needed in order to execute workflow steps, where the defined steps represent a call to an API operation or another workflow, and a set of outputs.
+Fixed Fields
+| Field Name | +Type | +Description | +
|---|---|---|
| workflowId | +string |
+REQUIRED. Unique string to represent the workflow. The id MUST be unique amongst all workflows describe in the Arazzo Description. The workflowId value is case-sensitive. Tools and libraries MAY use the workflowId to uniquely identify a workflow, therefore, it is RECOMMENDED to follow common programming naming conventions. SHOULD conform to the regular expression [A-Za-z0-9_\-]+. |
+
| summary | +string |
+A summary of the purpose or objective of the workflow. | +
| description | +string |
+A description of the workflow. CommonMark syntax MAY be used for rich text representation. | +
| inputs | +JSON Schema |
+A JSON Schema 2020-12 object representing the input parameters used by this workflow. | +
| dependsOn | +[string] |
+A list of workflows that MUST be completed before this workflow can be processed. The values provided MUST be a workflowId. If the workflow depended on is defined within the current Workflow Document, then specify the workflowId of the relevant local workflow. If the workflow is defined in a separate Arazzo Document then the workflow MUST be defined in the sourceDescriptions and the workflowId MUST be specified using a runtime expression (e.g., $sourceDescriptions.<name>.<workflowId>) to avoid ambiguity or potential clashes. |
+
| steps | +[Step Object] | +REQUIRED. An ordered list of steps where each step represents a call to an API operation or to another workflow. | +
| successActions | +[Success Action Object | Reusable Object] | +A list of success actions that are applicable for all steps described under this workflow. These success actions can be overridden at the step level but cannot be removed there. If a Reusable Object is provided, it MUST link to success actions defined in the components/successActions of the current Arazzo document. The list MUST NOT include duplicate success actions. | +
| failureActions | +[Failure Action Object | Reusable Object] | +A list of failure actions that are applicable for all steps described under this workflow. These failure actions can be overridden at the step level but cannot be removed there. If a Reusable Object is provided, it MUST link to failure actions defined in the components/failureActions of the current Arazzo document. The list MUST NOT include duplicate failure actions. | +
| outputs | +Map[string, {expression}] |
+A map between a friendly name and a dynamic output value. The name MUST use keys that match the regular expression: ^[a-zA-Z0-9\.\-_]+$. |
+
| parameters | +[Parameter Object | Reusable Object] | +A list of parameters that are applicable for all steps described under this workflow. These parameters can be overridden at the step level but cannot be removed there. Each parameter MUST be passed to an operation or workflow as referenced by operationId, operationPath, or workflowId as specified within each step. If a Reusable Object is provided, it MUST link to a parameter defined in the components/parameters of the current Arazzo document. The list MUST NOT include duplicate parameters. |
+
This object MAY be extended with Specification Extensions.
+Workflow Object Example
+
+workflowId: loginUser
+summary: Login User
+description: This workflow lays out the steps to login a user
+inputs:
+ type: object
+ properties:
+ username:
+ type: string
+ password:
+ type: string
+steps:
+ - stepId: loginStep
+ description: This step demonstrates the user login step
+ operationId: loginUser
+ parameters:
+ # parameters to inject into the loginUser operation (parameter name must be resolvable at the referenced operation and the value is determined using {expression} syntax)
+ - name: username
+ in: query
+ value: $inputs.username
+ - name: password
+ in: query
+ value: $inputs.password
+ successCriteria:
+ # assertions to determine step was successful
+ - condition: $statusCode == 200
+ outputs:
+ # outputs from this step
+ tokenExpires: $response.header.X-Expires-After
+ rateLimit: $response.header.X-Rate-Limit
+outputs:
+ tokenExpires: $steps.loginStep.outputs.tokenExpires
+Step Object
+Describes a single workflow step which MAY be a call to an API operation (OpenAPI Operation Object or another Workflow Object.
+Fixed Fields
+| Field Name | +Type | +Description | +
|---|---|---|
| description | +string |
+A description of the step. CommonMark syntax MAY be used for rich text representation. | +
| stepId | +string |
+REQUIRED. Unique string to represent the step. The stepId MUST be unique amongst all steps described in the workflow. The stepId value is case-sensitive. Tools and libraries MAY use the stepId to uniquely identify a workflow step, therefore, it is RECOMMENDED to follow common programming naming conventions. SHOULD conform to the regular expression [A-Za-z0-9_\-]+. |
+
| operationId | +string |
+The name of an existing, resolvable operation, as defined with a unique operationId and existing within one of the sourceDescriptions. The referenced operation will be invoked by this workflow step. If multiple (non arazzo type) sourceDescriptions are defined, then the operationId MUST be specified using a runtime expression (e.g., $sourceDescriptions.<name>.<operationId>) to avoid ambiguity or potential clashes. This field is mutually exclusive of the operationPath and workflowId fields respectively. |
+
| operationPath | +string |
+A reference to a Source combined with a JSON Pointer to reference an operation. This field is mutually exclusive of the operationId and workflowId fields respectively. The operation being referenced MUST be described within one of the sourceDescriptions descriptions. A runtime expression syntax MUST be used to identify the source description document. If the referenced operation has an operationId defined then the operationId SHOULD be preferred over the operationPath. |
+
| workflowId | +string |
+The workflowId referencing an existing workflow within the Arazzo Description. If multiple arazzo type sourceDescriptions are defined, then the workflowId MUST be specified using a runtime expression (e.g., $sourceDescriptions.<name>.<workflowId>) to avoid ambiguity or potential clashes. The field is mutually exclusive of the operationId and operationPath fields respectively. |
+
| parameters | +[Parameter Object | Reusable Object] | +A list of parameters that MUST be passed to an operation or workflow as referenced by operationId, operationPath, or workflowId. If a parameter is already defined at the Workflow, the new definition will override it but can never remove it. If a Reusable Object is provided, it MUST link to a parameter defined in the components/parameters of the current Arazzo document. The list MUST NOT include duplicate parameters. |
+
| requestBody | +Request Body Object | +The request body to pass to an operation as referenced by operationId or operationPath. The requestBody is fully supported in HTTP methods where the HTTP 1.1 specification [[!RFC7231]] has explicitly defined semantics for request bodies. In other cases where the HTTP spec is vague (such as GET, HEAD and DELETE), requestBody is permitted but does not have well-defined semantics and SHOULD be avoided if possible. |
+
| successCriteria | +[Criterion Object] | +A list of assertions to determine the success of the step. Each assertion is described using a Criterion Object. All assertions MUST be satisfied for the step to be deemed successful. |
+
| onSuccess | +[Success Action Object | Reusable Object] | +An array of success action objects that specify what to do upon step success. If omitted, the next sequential step shall be executed as the default behavior. If multiple success actions have similar criteria, the first sequential action matching the criteria SHALL be the action executed. If a success action is already defined at the Workflow, the new definition will override it but can never remove it. If a Reusable Object is provided, it MUST link to a success action defined in the components of the current Arazzo document. The list MUST NOT include duplicate success actions. |
+
| onFailure | +[Failure Action Object | Reusable Object] | +An array of failure action objects that specify what to do upon step failure. If omitted, the default behavior is to break and return. If multiple failure actions have similar criteria, the first sequential action matching the criteria SHALL be the action executed. If a failure action is already defined at the Workflow, the new definition will override it but can never remove it. If a Reusable Object is provided, it MUST link to a failure action defined in the components of the current Arazzo document. The list MUST NOT include duplicate failure actions. |
+
| outputs | +Map[string, {expression}] |
+A map between a friendly name and a dynamic output value defined using a runtime expression. The name MUST use keys that match the regular expression: ^[a-zA-Z0-9\.\-_]+$. |
+
This object MAY be extended with Specification Extensions.
+Step Object Example
+Single step
+
+stepId: loginStep
+description: This step demonstrates the user login step
+operationId: loginUser
+parameters:
+ # parameters to inject into the loginUser operation (parameter name must be resolvable at the referenced operation and the value is determined using {expression} syntax)
+ - name: username
+ in: query
+ value: $inputs.username
+ - name: password
+ in: query
+ value: $inputs.password
+successCriteria:
+ # assertions to determine step was successful
+ - condition: $statusCode == 200
+outputs:
+ # outputs from this step
+ tokenExpires: $response.header.X-Expires-After
+ rateLimit: $response.header.X-Rate-Limit
+Multiple steps
+
+steps:
+ - stepId: loginStep
+ description: This step demonstrates the user login step
+ operationId: loginUser
+ parameters:
+ # parameters to inject into the loginUser operation (parameter name must be resolvable at the referenced operation and the value is determined using {expression} syntax)
+ - name: username
+ in: query
+ value: $inputs.username
+ - name: password
+ in: query
+ value: $inputs.password
+ successCriteria:
+ # assertions to determine step was successful
+ - condition: $statusCode == 200
+ outputs:
+ # outputs from this step
+ tokenExpires: $response.header.X-Expires-After
+ rateLimit: $response.header.X-Rate-Limit
+ sessionToken: $response.body
+ - stepId: getPetStep
+ description: retrieve a pet by status from the GET pets endpoint
+ operationPath: '{$sourceDescriptions.petStoreDescription.url}#/paths/~1pet~1findByStatus/get'
+ parameters:
+ - name: status
+ in: query
+ value: 'available'
+ - name: Authorization
+ in: header
+ value: $steps.loginUser.outputs.sessionToken
+ successCriteria:
+ - condition: $statusCode == 200
+ outputs:
+ # outputs from this step
+ availablePets: $response.body
+Parameter Object
+Describes a single step parameter. A unique parameter is defined by the combination of a name and in fields. There are four possible locations specified by the in field:
-
+
- path - Used together with OpenAPI style Path Templating, where the parameter value is actually part of the operation’s URL. This does not include the host or base path of the API. For example, in /items/{itemId}, the path parameter is itemId. +
- query - Parameters that are appended to the URL. For example, in
/items?id=###, the query parameter isid.
+ - header - Custom headers that are expected as part of the request. Note that [[!RFC7230]] states header names are case insensitive. +
- cookie - Used to pass a specific cookie value to the source API. +
Fixed Fields
+| Field Name | +Type | +Description | +
|---|---|---|
| name | +string |
+REQUIRED. The name of the parameter. Parameter names are case sensitive. | +
| in | +string |
+The name location of the parameter. Possible values are "path", "query", "header", "cookie", or "body". When the step in context specifies a workflowId, then all parameters map to workflow inputs. In all other scenarios (e.g., a step specifies an operationId), the in field MUST be specified. |
+
| value | +Any | {expression} | +REQUIRED. The value to pass in the parameter. The value can be a constant or an Runtime Expression to be evaluated and passed to the referenced operation or workflow. | +
This object MAY be extended with Specification Extensions.
+Parameter Object Example
+Query Example
+
+- name: username
+ in: query
+ value: $inputs.username
+Header Example
+
+- name: X-Api-Key
+ in: header
+ value: $inputs.x-api-key
+Success Action Object
+A single success action which describes an action to take upon success of a workflow step. There are two possible values for the type field.
-
+
- end - The workflow ends, and context returns to the caller with applicable outputs +
- goto - A one-way transfer of workflow control to the specified label (either a
workflowIdorstepId)
+
Fixed Fields
+| Field Name | +Type | +Description | +
|---|---|---|
| name | +string |
+REQUIRED. The name of the success action. Names are case sensitive. | +
| type | +string |
+REQUIRED. The type of action to take. Possible values are "end" or "goto". |
+
| workflowId | +string |
+The workflowId referencing an existing workflow within the Arazzo Description to transfer to upon success of the step. This field is only relevant when the type field value is "goto". If multiple arazzo type sourceDescriptions are defined, then the workflowId MUST be specified using a runtime expression (e.g., $sourceDescriptions.<name>.<workflowId>) to avoid ambiguity or potential clashes. This field is mutually exclusive to stepId. |
+
| stepId | +string |
+The stepId to transfer to upon success of the step. This field is only relevant when the type field value is "goto". The referenced stepId MUST be within the current workflow. This field is mutually exclusive to workflowId. |
+
| criteria | +[Criterion Object] | +A list of assertions to determine if this action SHALL be executed. Each assertion is described using a Criterion Object. All criteria assertions MUST be satisfied for the action to be executed. |
+
This object MAY be extended with Specification Extensions.
+Success Action Object Example
+
+name: JoinWaitingList
+type: goto
+stepId: joinWaitingListStep
+criteria:
+ # assertions to determine if this success action should be executed
+ - context: $response.body
+ condition: $[?count(@.pets) > 0]
+ type: JSONPath
+Failure Action Object
+A single failure action which describes an action to take upon failure of a workflow step. There are three possible values for the type field.
-
+
- end - The workflow ends, and context returns to the caller with applicable outputs +
- retry - The current step will be retried. The retry will be constrained by the
retryAfterandretryLimitfields. If astepIdorworkflowIdare specified, then the reference is executed and the context is returned, after which the current step is retried.
+ - goto - A one-way transfer of workflow control to the specified label (either a
workflowIdorstepId)
+
Fixed Fields
+| Field Name | +Type | +Description | +
|---|---|---|
| name | +string |
+REQUIRED. The name of the failure action. Names are case sensitive. | +
| type | +string |
+REQUIRED. The type of action to take. Possible values are "end", "retry", or "goto". |
+
| workflowId | +string |
+The workflowId referencing an existing workflow within the Arazzo Description to transfer to upon failure of the step. This field is only relevant when the type field value is "goto" or "retry". If multiple arazzo type sourceDescriptions are defined, then the workflowId MUST be specified using a runtime expression (e.g., $sourceDescriptions.<name>.<workflowId>) to avoid ambiguity or potential clashes. This field is mutually exclusive to stepId. When used with "retry", context transfers back upon completion of the specified workflow. |
+
| stepId | +string |
+The stepId to transfer to upon failure of the step. This field is only relevant when the type field value is "goto" or "retry". The referenced stepId MUST be within the current workflow. This field is mutually exclusive to workflowId. When used with "retry", context transfers back upon completion of the specified step. |
+
| retryAfter | +number |
+A non-negative decimal indicating the seconds to delay after the step failure before another attempt SHALL be made. Note: if an HTTP Retry-After response header was returned to a step from a targeted operation, then it SHOULD overrule this particular field value. This field only applies when the type field value is "retry" or "function". |
+
| retryLimit | +integer |
+A non-negative integer indicating how many attempts to retry the step MAY be attempted before failing the overall step. If not specified then a single retry SHALL be attempted. This field only applies when the type field value is "retry". The retryLimit MUST be exhausted prior to executing subsequent failure actions. |
+
| criteria | +[Criterion Object] | +A list of assertions to determine if this action SHALL be executed. Each assertion is described using a Criterion Object. | +
This object MAY be extended with Specification Extensions.
+Failure Action Object Example
+
+name: retryStep
+type: retry
+retryAfter: 1
+retryLimit: 5
+criteria:
+ # assertions to determine if this action should be executed
+ - condition: $statusCode == 503
+Components Object
+Holds a set of reusable objects for different aspects of the Arazzo Specification. All objects defined within the components object will have no effect on the Arazzo Description unless they are explicitly referenced from properties outside the components object.
+Components are scoped to the Arazzo document they are defined in. For example, if a step defined in Arazzo document “A” references a workflow defined in Arazzo document “B”, the components in “A” are not considered when evaluating the workflow referenced in “B”.
+Fixed Fields
+| Field Name | +Type | +Description | +
|---|---|---|
| inputs | +Map[string, JSON Schema] |
+An object to hold reusable JSON Schema objects to be referenced from workflow inputs. | +
| parameters | +Map[string, Parameter Object] |
+An object to hold reusable Parameter Objects | +
| successActions | +Map[string, Success Action Object] |
+An object to hold reusable Success Actions Objects. | +
| failureActions | +Map[string, Failure Action Object] |
+An object to hold reusable Failure Actions Objects. | +
This object MAY be extended with Specification Extensions.
+All the fixed fields declared above are objects that MUST use keys that match the regular expression: ^[a-zA-Z0-9\.\-_]+$. The key is used to refer to the input or parameter in other parts of the Workflow Description.
Field Name Examples:
+
+User
+User_1
+User_Name
+user-name
+my.org.User
+Components Object Example
+
+components:
+ parameters:
+ storeId:
+ name: storeId
+ in: header
+ value: $inputs.x-store-id
+ inputs:
+ pagination:
+ type: object
+ properties:
+ page:
+ type: integer
+ format: int32
+ pageSize:
+ type: integer
+ format: int32
+ failureActions:
+ refreshToken:
+ name: refreshExpiredToken
+ type: retry
+ retryAfter: 1
+ retryLimit: 5
+ workflowId: refreshTokenWorkflowId
+ criteria:
+ # assertions to determine if this action should be executed
+ - condition: $statusCode == 401
+
+"components": {
+ "parameters": {
+ "storeId": {
+ "name": "storeId",
+ "in": "header",
+ "value": "$inputs.x-store-id"
+ }
+ },
+ "inputs": {
+ "pagination": {
+ "type": "object",
+ "properties": {
+ "page": {
+ "type": "integer",
+ "format": "int32"
+ },
+ "pageSize": {
+ "type": "integer",
+ "format": "int32"
+ }
+ }
+ }
+ },
+ "failureActions": {
+ "refreshToken": {
+ "name": "refreshExpiredToken",
+ "type": "retry",
+ "retryAfter": 1,
+ "retryLimit": 5,
+ "workflowId": "refreshTokenWorkflowId",
+ "criteria": [
+ {
+ "condition": "{$statusCode == 401}"
+ }
+ ]
+ }
+ }
+}
+Reusable Object
+A simple object to allow referencing of objects contained within the Components Object. It can be used from locations within steps or workflows in the Arazzo Description. Note - Input Objects MUST use standard JSON Schema referencing via the $ref keyword while all non JSON Schema objects use this object and its expression based referencing mechanism.
Fixed Fields
+| Field Name | +Type | +Description | +
|---|---|---|
| value | +string |
+Sets a value of the referenced parameter. This is only applicable for parameter object references. | +
This object cannot be extended with additional properties and any properties added MUST be ignored.
+Reusable Object Example
+
+ reference: $components.successActions.notify
+
+ {
+ "reference": "$components.successActions.notify"
+ }
+
+ reference: $components.parameters.page
+ value: 1
+
+ {
+ "reference": "$components.parameters.page",
+ "value": 1
+ }
+Criterion Object
+An object used to specify the context, conditions, and condition types that can be used to prove or satisfy assertions specified in Step Object successCriteria, Success Action Object criteria, and Failure Action Object criteria.
There are four flavors of conditions supported:
+-
+
- simple - where basic literals, operators, and loose comparisons are used in combination with Runtime Expressions. +
- regex - where a regex pattern is applied on the supplied context. The context is defined by a Runtime Expression. +
- jsonpath - where a JSON Path expression is applied. The root node context is defined by a Runtime Expression. +
- xpath - where an XPath expression is applied. The root node context is defined by a Runtime Expression. +
Literals
+As part of a condition expression, you can use boolean, null, number, or string data types.
| Type | +Literal value | +
|---|---|
boolean |
+true or false |
+
null |
+null |
+
number |
+Any number format supported in Data Types | +
string |
+Strings MUST use single quotes (‘) around the string. To use a literal single quote, escape the literal single quote using an additional single quote (’'). | +
Operators
+| Operator | +Description | +
|---|---|
< |
+Less than | +
<= |
+Less than or equal | +
> |
+Greater than | +
>= |
+Greater than or equal | +
== |
+Equal | +
!= |
+Not equal | +
! |
+Not | +
&& |
+And | +
|| |
+Or | +
() |
+Logical Grouping | +
[] |
+Index (0-based) | +
. |
+Property de-reference | +
String comparisons MUST be case insensitive.
Fixed Fields
+| Field Name | +Type | +Description | +
|---|---|---|
| context | +{expression} |
+A runtime expression used to set the context for the condition to be applied on. If type is specified, then the context MUST be provided (e.g. $response.body would set the context that a JSONPath query expression could be applied to). |
+
| condition | +string |
+REQUIRED. The condition to apply. Conditions can be simple (e.g. $statusCode == 200 which applies a operator on a value obtained from a runtime expression), or a regex, or a JSONPath expression. For regex and JSONPath, the type and context MUST be specified. |
+
| type | +string | Criterion Expression Type Object |
+The type of condition to be applied. If specified, the options allowed are simple, regex, jsonpath or xpath. If omitted, then the condition is assumed to be simple, which at most combines literals, operators and Runtime Expressions. If jsonpath, then the expression MUST conform to JSON Path. If xpath the expression MUST conform to XML Path Language 3.1. Should other variants of JSON Path or XPath be required, then a Criterion Expression Type Object MUST be specified. |
+
This object MAY be extended with Specification Extensions.
+Criterion Object Example
+Simple Condition Example
+
+- condition: $statusCode == 200
+Regex Condition Example
+
+- context: $statusCode
+ condition: '^200$'
+ type: regex
+JSONPath Condition Example
+
+- context: $response.body
+ condition: $[?count(@.pets) > 0]
+ type: jsonpath
+Criterion Expression Type Object
+An object used to describe the type and version of an expression used within a Criterion Object. If this object is not defined, then the following defaults apply:
+-
+
- JSON Path as described by [!RFC9535] +
- XPath as described by XML Path Language 3.1 +
Defining this object gives the ability to utilize tooling compatible with older versions of either JSON Path or XPath.
+Fixed Fields
+This object MAY be extended with Specification Extensions.
+Criterion Expression Type Example
+JSON Path Example
+
+ type: jsonpath
+ version: draft-goessner-dispatch-jsonpath-00
+XPath Example
+
+ type: xpath
+ version: xpath-30
+Request Body Object
+A single request body describing the Content-Type and request body content to be passed by a step to an operation.
Fixed Fields
+| Field Name | +Type | +Description | +
|---|---|---|
| contentType | +string |
+The Content-Type for the request content. If omitted then refer to Content-Type specified at the targeted operation to understand serialization requirements. | +
| payload | +Any | +A value representing the request body payload. The value can be a literal value or can contain Runtime Expressions which MUST be evaluated prior to calling the referenced operation. To represent examples of media types that cannot be naturally represented in JSON or YAML, use a string value to contain the example, escaping where necessary. | +
replacements | [Payload Replacement Object] | A list of locations and values to set within a payload.
+This object MAY be extended with Specification Extensions.
+RequestBody Object Example
+JSON Templated Example
+ contentType: application/json
+ payload: |
+ {
+ "petOrder": {
+ "petId": "{$inputs.pet_id}",
+ "couponCode": "{$inputs.coupon_code}",
+ "quantity": "{$inputs.quantity}",
+ "status": "placed",
+ "complete": false
+ }
+ }
+JSON Object Example
+ contentType: application/json
+ payload:
+ petOrder:
+ petId: $inputs.pet_id
+ couponCode: $inputs.coupon_code
+ quantity: $inputs.quantity
+ status: placed
+ complete: false
+Complete Runtime Expression
+ contentType: application/json
+ payload: $inputs.petOrderRequest
+XML Templated Example
+ contentType: application/xml
+ payload: |
+ <petOrder>
+ <petId>{$inputs.pet_id}</petId>
+ <couponCode>{$inputs.coupon_code}</couponCode>
+ <quantity>{$inputs.quantity}</quantity>
+ <status>placed</status>
+ <complete>false</complete>
+ </petOrder>
+Form Data Example
+ contentType: application/x-www-form-urlencoded
+ payload:
+ client_id: $inputs.clientId
+ grant_type: $inputs.grantType
+ redirect_uri: $inputs.redirectUri
+ client_secret: $inputs.clientSecret
+ code: $steps.browser-authorize.outputs.code
+ scope: $inputs.scope
+Form Data String Example
+ contentType: application/x-www-form-urlencoded
+ payload: "client_id={$inputs.clientId}&grant_type={$inputs.grantType}&redirect_uri={$inputs.redirectUri}&client_secret={$inputs.clientSecret}&code{$steps.browser-authorize.outputs.code}&scope=$inputs.scope}"
+Payload Replacement Object
+Describes a location within a payload (e.g., a request body) and a value to set within the location.
+Fixed Fields
+| Field Name | +Type | +Description | +
|---|---|---|
| target | +string |
+REQUIRED. A JSON Pointer or XPath Expression which MUST be resolved against the request body. Used to identify the location to inject the value. |
+
| value | +Any | {expression} | +REQUIRED. The value set within the target location. The value can be a constant or a Runtime Expression to be evaluated and passed to the referenced operation or workflow. | +
This object MAY be extended with Specification Extensions.
+Payload Replacement Object Example
+Runtime Expression Example
+
+ target: /petId
+ value: $inputs.pet_id
+Literal Example
+
+ target: /quantity
+ value: 10
+Runtime Expressions
+A runtime expression allows values to be defined based on information that will be available within an HTTP message, an event message, and within objects serialized from the Arazzo document such as workflows or steps.
+The runtime expression is defined by the following ABNF syntax:
+
+ expression = ( "$url" / "$method" / "$statusCode" / "$request." source / "$response." source / "$message." source / "$inputs." name / "$outputs." name / "$steps." name / "$workflows." name / "$sourceDescriptions." name / "$components." name / "$components.parameters." parameter-name)
+ parameter-name = name ; Reuses 'name' rule for parameter names
+ source = ( header-reference / query-reference / path-reference / body-reference )
+ header-reference = "header." token
+ query-reference = "query." name
+ path-reference = "path." name
+ body-reference = "body" ["#" json-pointer ]
+ json-pointer = *( "/" reference-token )
+ reference-token = *( unescaped / escaped )
+ unescaped = %x00-2E / %x30-7D / %x7F-10FFFF
+ ; %x2F ('/') and %x7E ('~') are excluded from 'unescaped'
+ escaped = "~" ( "0" / "1" )
+ ; representing '~' and '/', respectively
+ name = *( CHAR )
+ token = 1*tchar
+ tchar = "!" / "#" / "$" / "%" / "&" / "'" / "*" / "+" / "-" / "." /
+ "^" / "_" / "`" / "|" / "~" / DIGIT / ALPHA
+Examples
+| Source Location | +example expression | +notes | +
|---|---|---|
| HTTP Method | +$method |
+The allowable values for the $method will be those for the HTTP operation. |
+
| Requested media type | +$request.header.accept |
++ |
| Request parameter | +$request.path.id |
+Request parameters MUST be declared in the parameters section of the parent operation or they cannot be evaluated. This includes request headers. |
+
| Request body property | +$request.body#/user/uuid |
+In operations which accept payloads, references may be made to portions of the requestBody or the entire body. |
+
| Request URL | +$url |
++ |
| Response value | +$response.body#/status |
+In operations which return payloads, references may be made to portions of the response body or the entire body. | +
| Response header | +$response.header.Server |
+Single header values only are available | +
| workflow input | +$inputs.username or $workflows.foo.inputs.username |
+Single input values only are available | +
| Step output value | +$steps.someStep.pets |
+In situations where the output named property return payloads, references may be made to portions of the response body or the entire body. | +
| Workflow output value | +$outputs.bar or $workflows.foo.outputs.bar |
+Single input values only are available | +
| Components parameter | +$components.parameters.foo |
+Accesses a foo parameter defined within the Components Object. | +
Runtime expressions preserve the type of the referenced value.
+Expressions can be embedded into string values by surrounding the expression with {} curly braces.
Specification Extensions
+While the Arazzo Specification tries to accommodate most use cases, additional data can be added to extend the specification at certain points.
+The extension properties are implemented as patterned fields that are always prefixed by "x-".
| Field Pattern | +Type | +Description | +
|---|---|---|
| ^x- | +Any | +Allows extensions to the Arazzo Specification. The field name MUST begin with x-, for example, x-internal-id. Field names beginning x-oai-, x-oas-, and x-arazzo are reserved for uses defined by the OpenAPI Initiative. The value MAY be null, a primitive, an array or an object. |
+
The extensions may or may not be supported by the available tooling, but those may be extended as well to add requested support (if tools are internal or open-sourced).
+Security Considerations
+The Arazzo Specification does not enforce a security mechanism. Security is left to the implementer, though TLS, specifically HTTPS may be recommended for exchanging sensitive workflows.
+Arazzo Descriptions can be JSON or YAML values. As such, all security considerations defined in RFC 8259 and within YAML version 1.2 apply.
+Arazzo Descriptions are frequently written by untrusted third parties, to be deployed on public Internet servers. Processing an Arazzo Description can cause both safe and unsafe operations to be performed on arbitrary network resources. It is the responsibility of the description consumer to ensure that the operations performed are not harmful.
+IANA Considerations
+The proposed MIME media types for the Arazzo Specification are described below.
+application/vnd.oai.workflows
+The default (or general) MIME type for Arazzo documents (e.g. workflows) is defined as follows:
+Media type name: application
+Media subtype name: vnd.oai.workflows
+Required parameters: N/A
+Optional parameters: version (e.g. version=1.0.0 to indicate that the type of workflow conforms to version 1.0.0 of the Arazzo Specification).
+ Encoding considerations: Encoding considerations are identical to those specified for the application/json and application/yaml media types, respectively.
Security considerations: See security considerations above.
+Interoperability considerations: N/A
+Note: When using the application/vnd.oai.workflows media type the consumer should be prepared to receive YAML formatted content
application/vnd.oai.workflows+json
+The proposed MIME media type for Arazzo documents (e.g. workflows) that require a JSON-specific media type is defined as follows:
+Media type name: application
+Media subtype name: vnd.oai.workflows+json
+Required parameters: N/A
+Optional parameters: version (e.g. version=1.0.0 to indicate that the type of Arazzo document conforms to version 1.0.0 of the Arazzo Specification).
+ Encoding considerations: Encoding considerations are identical to those specified for the application/json media type.
Security considerations: See security considerations above.
+Interoperability considerations: N/A
+application/vnd.oai.workflows+yaml
+The proposed MIME media type for Arazzo documents (e.g. workflows) that require a YAML-specific media type is defined as follows:
+Media type name: application
+Media subtype name: vnd.oai.workflows+yaml
+Required parameters: N/A
+Optional parameters: version (e.g. version=1.0.0 to indicate that the type of Arazzo document conforms to version 1.0.0 of the Arazzo Specification).
+ Encoding considerations: Encoding considerations are identical to those specified for the application/yaml media type.
Security considerations: See security considerations above.
+Interoperability considerations: N/A
+Appendix A: Revision History
+| Version | +Date | +Notes | +
|---|---|---|
| 1.0.0 | +2024-05-29 | +First release of the Arazzo Specification | +
The Arazzo Specification v1.0.0
Status of This Document
The source-of-truth for the specification is the GitHub markdown file referenced above.Arazzo Specification
+Version 1.0.0
+The key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, “SHOULD NOT”, “RECOMMENDED”, “NOT RECOMMENDED”, “MAY”, and “OPTIONAL” in this document are to be interpreted as described in BCP 14 [[!RFC2119]] [[!RFC8174]] when, and only when, they appear in all capitals, as shown here.
+This document is licensed under The Apache License, Version 2.0.
+Introduction
+Being able to express specific sequences of calls and articulate the dependencies between them to achieve a particular goal is desirable in the context of API descriptions. The aim of the Arazzo Specification is to provide a mechanism that can define sequences of calls and their dependencies to be woven together and expressed in the context of delivering a particular outcome or set of outcomes when dealing with API descriptions (such as OpenAPI descriptions).
+The Arazzo Specification can articulate these workflows in a human-readable and machine-readable manner, thus improving the capability of API specifications to tell the story of the API in a manner that can improve the consuming developer experience.
+ + +Definitions
+Arazzo Description
+A self-contained document (or set of documents) which defines or describes API workflows (specific sequence of calls to achieve a particular goal in the context of an API definition). An Arazzo Description uses and conforms to the Arazzo Specification, and MUST contain a valid Arazzo Specification version field (arazzo), an Info field, a sourceDescriptions field with at least one defined Source, and there MUST be at least one Workflow defined in the workflows fixed field.
Specification
+Versions
+The Arazzo Specification is versioned using a major.minor.patch versioning scheme. The major.minor portion of the version string (for example 1.0) SHALL designate the Arazzo feature set. .patch versions address errors in, or provide clarifications to, this document, not the feature set. The patch version SHOULD NOT be considered by tooling, making no distinction between 1.0.0 and 1.0.1 for example.
Format
+An Arazzo Description that conforms to the Arazzo Specification is itself a JSON object, which may be represented either in JSON or YAML format.
+All field names in the specification are case sensitive. +This includes all fields that are used as keys in a map, except where explicitly noted that keys are case insensitive.
+In order to preserve the ability to round-trip between YAML and JSON formats, YAML version 1.2 is RECOMMENDED along with some additional constraints:
+-
+
- Tags MUST be limited to those allowed by the JSON Schema ruleset. +
- Keys used in YAML maps MUST be limited to a scalar string, as defined by the YAML Failsafe schema ruleset. +
Arazzo Description Structure
+It is RECOMMENDED that the entry Arazzo document be named: arazzo.json or arazzo.yaml.
An Arazzo Description MAY be made up of a single document or be divided into multiple, connected parts at the discretion of the author. If workflows from other documents are being referenced, they must by included as a Source Description Object. In a multi-document description, the document containing the Arazzo Specification Object is known as the entry Arazzo document.
+Data Types
+Data types in the Arazzo Specification are based on the types supported by the JSON Schema Specification Draft 2020-12. Note that integer as a type is also supported and is defined as a JSON number without a fraction or exponent part.
+As defined by the JSON Schema Validation vocabulary, data types can have an optional modifier property: format. Arazzo additionally supports the formats (similar to the OpenAPI specification) to provide fine detail for primitive data types.
The formats defined are:
+type |
+format |
+Comments | +
|---|---|---|
integer |
+int32 |
+signed 32 bits | +
integer |
+int64 |
+signed 64 bits (a.k.a long) | +
number |
+float |
++ |
number |
+double |
++ |
string |
+password |
+A hint to UIs to obscure input. | +
Relative References in URLs
+Unless specified otherwise, all properties that are URLs MAY be relative references as defined by [[!RFC3986]]. +Unless specified otherwise, relative references are resolved using the URL of the referring document.
+Schema
+In the following description, if a field is not explicitly REQUIRED or described with a MUST or SHALL, it can be considered OPTIONAL.
+Arazzo Specification Object
+This is the root object of the Arazzo Description.
+Fixed Fields
+| Field Name | +Type | +Description | +
|---|---|---|
| arazzo | +string |
+REQUIRED. This string MUST be the version number of the Arazzo Specification that the Arazzo Description uses. The arazzo field MUST be used by tooling to interpret the Arazzo Description. |
+
| info | +Info Object | +REQUIRED. Provides metadata about the workflows contain within the Arazzo Description. The metadata MAY be used by tooling as required. | +
| sourceDescriptions | +[Source Description Object] | +REQUIRED. A list of source descriptions (such as an OpenAPI description) this Arazzo Description SHALL apply to. The list MUST have at least one entry. | +
| workflows | +[Workflow Object] | +REQUIRED. A list of workflows. The list MUST have at least one entry. | +
| components | +Components Object | +An element to hold various schemas for the Arazzo Description. | +
This object MAY be extended with Specification Extensions.
+Arazzo Specification Object Example
+
+arazzo: 1.0.0
+info:
+ title: A pet purchasing workflow
+ summary: This Arazzo Description showcases the workflow for how to purchase a pet through a sequence of API calls
+ description: |
+ This Arazzo Description walks you through the workflow and steps of `searching` for, `selecting`, and `purchasing` an available pet.
+ version: 1.0.1
+sourceDescriptions:
+- name: petStoreDescription
+ url: https://github.com/swagger-api/swagger-petstore/blob/master/src/main/resources/openapi.yaml
+ type: openapi
+
+workflows:
+- workflowId: loginUserAndRetrievePet
+ summary: Login User and then retrieve pets
+ description: This workflow lays out the steps to login a user and then retrieve pets
+ inputs:
+ type: object
+ properties:
+ username:
+ type: string
+ password:
+ type: string
+ steps:
+ - stepId: loginStep
+ description: This step demonstrates the user login step
+ operationId: loginUser
+ parameters:
+ # parameters to inject into the loginUser operation (parameter name must be resolvable at the referenced operation and the value is determined using {expression} syntax)
+ - name: username
+ in: query
+ value: $inputs.username
+ - name: password
+ in: query
+ value: $inputs.password
+ successCriteria:
+ # assertions to determine step was successful
+ - condition: $statusCode == 200
+ outputs:
+ # outputs from this step
+ tokenExpires: $response.header.X-Expires-After
+ rateLimit: $response.header.X-Rate-Limit
+ sessionToken: $response.body
+ - stepId: getPetStep
+ description: retrieve a pet by status from the GET pets endpoint
+ operationPath: '{$sourceDescriptions.petstoreDescription.url}#/paths/~1pet~1findByStatus/get'
+ parameters:
+ - name: status
+ in: query
+ value: 'available'
+ - name: Authorization
+ in: header
+ value: $steps.loginUser.outputs.sessionToken
+ successCriteria:
+ - condition: $statusCode == 200
+ outputs:
+ # outputs from this step
+ availablePets: $response.body
+ outputs:
+ available: $steps.getPetStep.availablePets
+Info Object
+The object provides metadata about API workflows defined in this Arazzo document. +The metadata MAY be used by the clients if needed.
+Fixed Fields
+| Field Name | +Type | +Description | +
|---|---|---|
| title | +string |
+REQUIRED. A human readable title of the Arazzo Description. | +
| summary | +string |
+A short summary of the Arazzo Description. | +
| description | +string |
+A description of the purpose of the workflows defined. CommonMark syntax MAY be used for rich text representation. | +
| version | +string |
+REQUIRED. The version identifier of the Arazzo document (which is distinct from the Arazzo Specification version). | +
This object MAY be extended with Specification Extensions.
+Info Object Example
+
+title: A pet purchasing workflow
+summary: This workflow showcases how to purchase a pet through a sequence of API calls
+description: |
+ This workflow walks you through the steps of searching for, selecting, and purchasing an available pet.
+version: 1.0.1
+Source Description Object
+Describes a source description (such as an OpenAPI description) that will be referenced by one or more workflows described within an Arazzo Description.
+An object storing a map between named description keys and location URLs to the source descriptions (such as an OpenAPI description) this Arazzo Description SHALL apply to. Each source location string MUST be in the form of a URI-reference as defined by RFC3986 section 4.1.
Fixed Fields
+| Field Name | +Type | +Description | +
|---|---|---|
| name | +string |
+REQUIRED. A unique name for the source description. Tools and libraries MAY use the name to uniquely identify a source description, therefore, it is RECOMMENDED to follow common programming naming conventions. SHOULD conform to the regular expression [A-Za-z0-9_\-]+. |
+
| url | +string |
+REQUIRED. A URL to a source description to be used by a workflow. If a relative reference is used, it MUST be in the form of a URI-reference as defined by RFC3986 section 4.2. | +
| type | +string |
+The type of source description. Possible values are "openapi" or "arazzo". |
+
This object MAY be extended with Specification Extensions.
+Source Description Object Example
+
+name: petStoreDescription
+url: https://github.com/swagger-api/swagger-petstore/blob/master/src/main/resources/openapi.yaml
+type: openapi
+Workflow Object
+Describes the steps to be taken across one or more APIs to achieve an objective. The workflow object MAY define inputs needed in order to execute workflow steps, where the defined steps represent a call to an API operation or another workflow, and a set of outputs.
+Fixed Fields
+| Field Name | +Type | +Description | +
|---|---|---|
| workflowId | +string |
+REQUIRED. Unique string to represent the workflow. The id MUST be unique amongst all workflows describe in the Arazzo Description. The workflowId value is case-sensitive. Tools and libraries MAY use the workflowId to uniquely identify a workflow, therefore, it is RECOMMENDED to follow common programming naming conventions. SHOULD conform to the regular expression [A-Za-z0-9_\-]+. |
+
| summary | +string |
+A summary of the purpose or objective of the workflow. | +
| description | +string |
+A description of the workflow. CommonMark syntax MAY be used for rich text representation. | +
| inputs | +JSON Schema |
+A JSON Schema 2020-12 object representing the input parameters used by this workflow. | +
| dependsOn | +[string] |
+A list of workflows that MUST be completed before this workflow can be processed. The values provided MUST be a workflowId. If the workflow depended on is defined within the current Workflow Document, then specify the workflowId of the relevant local workflow. If the workflow is defined in a separate Arazzo Document then the workflow MUST be defined in the sourceDescriptions and the workflowId MUST be specified using a runtime expression (e.g., $sourceDescriptions.<name>.<workflowId>) to avoid ambiguity or potential clashes. |
+
| steps | +[Step Object] | +REQUIRED. An ordered list of steps where each step represents a call to an API operation or to another workflow. | +
| successActions | +[Success Action Object | Reusable Object] | +A list of success actions that are applicable for all steps described under this workflow. These success actions can be overridden at the step level but cannot be removed there. If a Reusable Object is provided, it MUST link to success actions defined in the components/successActions of the current Arazzo document. The list MUST NOT include duplicate success actions. | +
| failureActions | +[Failure Action Object | Reusable Object] | +A list of failure actions that are applicable for all steps described under this workflow. These failure actions can be overridden at the step level but cannot be removed there. If a Reusable Object is provided, it MUST link to failure actions defined in the components/failureActions of the current Arazzo document. The list MUST NOT include duplicate failure actions. | +
| outputs | +Map[string, {expression}] |
+A map between a friendly name and a dynamic output value. The name MUST use keys that match the regular expression: ^[a-zA-Z0-9\.\-_]+$. |
+
| parameters | +[Parameter Object | Reusable Object] | +A list of parameters that are applicable for all steps described under this workflow. These parameters can be overridden at the step level but cannot be removed there. Each parameter MUST be passed to an operation or workflow as referenced by operationId, operationPath, or workflowId as specified within each step. If a Reusable Object is provided, it MUST link to a parameter defined in the components/parameters of the current Arazzo document. The list MUST NOT include duplicate parameters. |
+
This object MAY be extended with Specification Extensions.
+Workflow Object Example
+
+workflowId: loginUser
+summary: Login User
+description: This workflow lays out the steps to login a user
+inputs:
+ type: object
+ properties:
+ username:
+ type: string
+ password:
+ type: string
+steps:
+ - stepId: loginStep
+ description: This step demonstrates the user login step
+ operationId: loginUser
+ parameters:
+ # parameters to inject into the loginUser operation (parameter name must be resolvable at the referenced operation and the value is determined using {expression} syntax)
+ - name: username
+ in: query
+ value: $inputs.username
+ - name: password
+ in: query
+ value: $inputs.password
+ successCriteria:
+ # assertions to determine step was successful
+ - condition: $statusCode == 200
+ outputs:
+ # outputs from this step
+ tokenExpires: $response.header.X-Expires-After
+ rateLimit: $response.header.X-Rate-Limit
+outputs:
+ tokenExpires: $steps.loginStep.outputs.tokenExpires
+Step Object
+Describes a single workflow step which MAY be a call to an API operation (OpenAPI Operation Object or another Workflow Object.
+Fixed Fields
+| Field Name | +Type | +Description | +
|---|---|---|
| description | +string |
+A description of the step. CommonMark syntax MAY be used for rich text representation. | +
| stepId | +string |
+REQUIRED. Unique string to represent the step. The stepId MUST be unique amongst all steps described in the workflow. The stepId value is case-sensitive. Tools and libraries MAY use the stepId to uniquely identify a workflow step, therefore, it is RECOMMENDED to follow common programming naming conventions. SHOULD conform to the regular expression [A-Za-z0-9_\-]+. |
+
| operationId | +string |
+The name of an existing, resolvable operation, as defined with a unique operationId and existing within one of the sourceDescriptions. The referenced operation will be invoked by this workflow step. If multiple (non arazzo type) sourceDescriptions are defined, then the operationId MUST be specified using a runtime expression (e.g., $sourceDescriptions.<name>.<operationId>) to avoid ambiguity or potential clashes. This field is mutually exclusive of the operationPath and workflowId fields respectively. |
+
| operationPath | +string |
+A reference to a Source combined with a JSON Pointer to reference an operation. This field is mutually exclusive of the operationId and workflowId fields respectively. The operation being referenced MUST be described within one of the sourceDescriptions descriptions. A runtime expression syntax MUST be used to identify the source description document. If the referenced operation has an operationId defined then the operationId SHOULD be preferred over the operationPath. |
+
| workflowId | +string |
+The workflowId referencing an existing workflow within the Arazzo Description. If multiple arazzo type sourceDescriptions are defined, then the workflowId MUST be specified using a runtime expression (e.g., $sourceDescriptions.<name>.<workflowId>) to avoid ambiguity or potential clashes. The field is mutually exclusive of the operationId and operationPath fields respectively. |
+
| parameters | +[Parameter Object | Reusable Object] | +A list of parameters that MUST be passed to an operation or workflow as referenced by operationId, operationPath, or workflowId. If a parameter is already defined at the Workflow, the new definition will override it but can never remove it. If a Reusable Object is provided, it MUST link to a parameter defined in the components/parameters of the current Arazzo document. The list MUST NOT include duplicate parameters. |
+
| requestBody | +Request Body Object | +The request body to pass to an operation as referenced by operationId or operationPath. The requestBody is fully supported in HTTP methods where the HTTP 1.1 specification [[!RFC7231]] has explicitly defined semantics for request bodies. In other cases where the HTTP spec is vague (such as GET, HEAD and DELETE), requestBody is permitted but does not have well-defined semantics and SHOULD be avoided if possible. |
+
| successCriteria | +[Criterion Object] | +A list of assertions to determine the success of the step. Each assertion is described using a Criterion Object. All assertions MUST be satisfied for the step to be deemed successful. |
+
| onSuccess | +[Success Action Object | Reusable Object] | +An array of success action objects that specify what to do upon step success. If omitted, the next sequential step shall be executed as the default behavior. If multiple success actions have similar criteria, the first sequential action matching the criteria SHALL be the action executed. If a success action is already defined at the Workflow, the new definition will override it but can never remove it. If a Reusable Object is provided, it MUST link to a success action defined in the components of the current Arazzo document. The list MUST NOT include duplicate success actions. |
+
| onFailure | +[Failure Action Object | Reusable Object] | +An array of failure action objects that specify what to do upon step failure. If omitted, the default behavior is to break and return. If multiple failure actions have similar criteria, the first sequential action matching the criteria SHALL be the action executed. If a failure action is already defined at the Workflow, the new definition will override it but can never remove it. If a Reusable Object is provided, it MUST link to a failure action defined in the components of the current Arazzo document. The list MUST NOT include duplicate failure actions. |
+
| outputs | +Map[string, {expression}] |
+A map between a friendly name and a dynamic output value defined using a runtime expression. The name MUST use keys that match the regular expression: ^[a-zA-Z0-9\.\-_]+$. |
+
This object MAY be extended with Specification Extensions.
+Step Object Example
+Single step
+
+stepId: loginStep
+description: This step demonstrates the user login step
+operationId: loginUser
+parameters:
+ # parameters to inject into the loginUser operation (parameter name must be resolvable at the referenced operation and the value is determined using {expression} syntax)
+ - name: username
+ in: query
+ value: $inputs.username
+ - name: password
+ in: query
+ value: $inputs.password
+successCriteria:
+ # assertions to determine step was successful
+ - condition: $statusCode == 200
+outputs:
+ # outputs from this step
+ tokenExpires: $response.header.X-Expires-After
+ rateLimit: $response.header.X-Rate-Limit
+Multiple steps
+
+steps:
+ - stepId: loginStep
+ description: This step demonstrates the user login step
+ operationId: loginUser
+ parameters:
+ # parameters to inject into the loginUser operation (parameter name must be resolvable at the referenced operation and the value is determined using {expression} syntax)
+ - name: username
+ in: query
+ value: $inputs.username
+ - name: password
+ in: query
+ value: $inputs.password
+ successCriteria:
+ # assertions to determine step was successful
+ - condition: $statusCode == 200
+ outputs:
+ # outputs from this step
+ tokenExpires: $response.header.X-Expires-After
+ rateLimit: $response.header.X-Rate-Limit
+ sessionToken: $response.body
+ - stepId: getPetStep
+ description: retrieve a pet by status from the GET pets endpoint
+ operationPath: '{$sourceDescriptions.petStoreDescription.url}#/paths/~1pet~1findByStatus/get'
+ parameters:
+ - name: status
+ in: query
+ value: 'available'
+ - name: Authorization
+ in: header
+ value: $steps.loginUser.outputs.sessionToken
+ successCriteria:
+ - condition: $statusCode == 200
+ outputs:
+ # outputs from this step
+ availablePets: $response.body
+Parameter Object
+Describes a single step parameter. A unique parameter is defined by the combination of a name and in fields. There are four possible locations specified by the in field:
-
+
- path - Used together with OpenAPI style Path Templating, where the parameter value is actually part of the operation’s URL. This does not include the host or base path of the API. For example, in /items/{itemId}, the path parameter is itemId. +
- query - Parameters that are appended to the URL. For example, in
/items?id=###, the query parameter isid.
+ - header - Custom headers that are expected as part of the request. Note that [[!RFC7230]] states header names are case insensitive. +
- cookie - Used to pass a specific cookie value to the source API. +
Fixed Fields
+| Field Name | +Type | +Description | +
|---|---|---|
| name | +string |
+REQUIRED. The name of the parameter. Parameter names are case sensitive. | +
| in | +string |
+The name location of the parameter. Possible values are "path", "query", "header", "cookie", or "body". When the step in context specifies a workflowId, then all parameters map to workflow inputs. In all other scenarios (e.g., a step specifies an operationId), the in field MUST be specified. |
+
| value | +Any | {expression} | +REQUIRED. The value to pass in the parameter. The value can be a constant or an Runtime Expression to be evaluated and passed to the referenced operation or workflow. | +
This object MAY be extended with Specification Extensions.
+Parameter Object Example
+Query Example
+
+- name: username
+ in: query
+ value: $inputs.username
+Header Example
+
+- name: X-Api-Key
+ in: header
+ value: $inputs.x-api-key
+Success Action Object
+A single success action which describes an action to take upon success of a workflow step. There are two possible values for the type field.
-
+
- end - The workflow ends, and context returns to the caller with applicable outputs +
- goto - A one-way transfer of workflow control to the specified label (either a
workflowIdorstepId)
+
Fixed Fields
+| Field Name | +Type | +Description | +
|---|---|---|
| name | +string |
+REQUIRED. The name of the success action. Names are case sensitive. | +
| type | +string |
+REQUIRED. The type of action to take. Possible values are "end" or "goto". |
+
| workflowId | +string |
+The workflowId referencing an existing workflow within the Arazzo Description to transfer to upon success of the step. This field is only relevant when the type field value is "goto". If multiple arazzo type sourceDescriptions are defined, then the workflowId MUST be specified using a runtime expression (e.g., $sourceDescriptions.<name>.<workflowId>) to avoid ambiguity or potential clashes. This field is mutually exclusive to stepId. |
+
| stepId | +string |
+The stepId to transfer to upon success of the step. This field is only relevant when the type field value is "goto". The referenced stepId MUST be within the current workflow. This field is mutually exclusive to workflowId. |
+
| criteria | +[Criterion Object] | +A list of assertions to determine if this action SHALL be executed. Each assertion is described using a Criterion Object. All criteria assertions MUST be satisfied for the action to be executed. |
+
This object MAY be extended with Specification Extensions.
+Success Action Object Example
+
+name: JoinWaitingList
+type: goto
+stepId: joinWaitingListStep
+criteria:
+ # assertions to determine if this success action should be executed
+ - context: $response.body
+ condition: $[?count(@.pets) > 0]
+ type: JSONPath
+Failure Action Object
+A single failure action which describes an action to take upon failure of a workflow step. There are three possible values for the type field.
-
+
- end - The workflow ends, and context returns to the caller with applicable outputs +
- retry - The current step will be retried. The retry will be constrained by the
retryAfterandretryLimitfields. If astepIdorworkflowIdare specified, then the reference is executed and the context is returned, after which the current step is retried.
+ - goto - A one-way transfer of workflow control to the specified label (either a
workflowIdorstepId)
+
Fixed Fields
+| Field Name | +Type | +Description | +
|---|---|---|
| name | +string |
+REQUIRED. The name of the failure action. Names are case sensitive. | +
| type | +string |
+REQUIRED. The type of action to take. Possible values are "end", "retry", or "goto". |
+
| workflowId | +string |
+The workflowId referencing an existing workflow within the Arazzo Description to transfer to upon failure of the step. This field is only relevant when the type field value is "goto" or "retry". If multiple arazzo type sourceDescriptions are defined, then the workflowId MUST be specified using a runtime expression (e.g., $sourceDescriptions.<name>.<workflowId>) to avoid ambiguity or potential clashes. This field is mutually exclusive to stepId. When used with "retry", context transfers back upon completion of the specified workflow. |
+
| stepId | +string |
+The stepId to transfer to upon failure of the step. This field is only relevant when the type field value is "goto" or "retry". The referenced stepId MUST be within the current workflow. This field is mutually exclusive to workflowId. When used with "retry", context transfers back upon completion of the specified step. |
+
| retryAfter | +number |
+A non-negative decimal indicating the seconds to delay after the step failure before another attempt SHALL be made. Note: if an HTTP Retry-After response header was returned to a step from a targeted operation, then it SHOULD overrule this particular field value. This field only applies when the type field value is "retry" or "function". |
+
| retryLimit | +integer |
+A non-negative integer indicating how many attempts to retry the step MAY be attempted before failing the overall step. If not specified then a single retry SHALL be attempted. This field only applies when the type field value is "retry". The retryLimit MUST be exhausted prior to executing subsequent failure actions. |
+
| criteria | +[Criterion Object] | +A list of assertions to determine if this action SHALL be executed. Each assertion is described using a Criterion Object. | +
This object MAY be extended with Specification Extensions.
+Failure Action Object Example
+
+name: retryStep
+type: retry
+retryAfter: 1
+retryLimit: 5
+criteria:
+ # assertions to determine if this action should be executed
+ - condition: $statusCode == 503
+Components Object
+Holds a set of reusable objects for different aspects of the Arazzo Specification. All objects defined within the components object will have no effect on the Arazzo Description unless they are explicitly referenced from properties outside the components object.
+Components are scoped to the Arazzo document they are defined in. For example, if a step defined in Arazzo document “A” references a workflow defined in Arazzo document “B”, the components in “A” are not considered when evaluating the workflow referenced in “B”.
+Fixed Fields
+| Field Name | +Type | +Description | +
|---|---|---|
| inputs | +Map[string, JSON Schema] |
+An object to hold reusable JSON Schema objects to be referenced from workflow inputs. | +
| parameters | +Map[string, Parameter Object] |
+An object to hold reusable Parameter Objects | +
| successActions | +Map[string, Success Action Object] |
+An object to hold reusable Success Actions Objects. | +
| failureActions | +Map[string, Failure Action Object] |
+An object to hold reusable Failure Actions Objects. | +
This object MAY be extended with Specification Extensions.
+All the fixed fields declared above are objects that MUST use keys that match the regular expression: ^[a-zA-Z0-9\.\-_]+$. The key is used to refer to the input or parameter in other parts of the Workflow Description.
Field Name Examples:
+
+User
+User_1
+User_Name
+user-name
+my.org.User
+Components Object Example
+
+components:
+ parameters:
+ storeId:
+ name: storeId
+ in: header
+ value: $inputs.x-store-id
+ inputs:
+ pagination:
+ type: object
+ properties:
+ page:
+ type: integer
+ format: int32
+ pageSize:
+ type: integer
+ format: int32
+ failureActions:
+ refreshToken:
+ name: refreshExpiredToken
+ type: retry
+ retryAfter: 1
+ retryLimit: 5
+ workflowId: refreshTokenWorkflowId
+ criteria:
+ # assertions to determine if this action should be executed
+ - condition: $statusCode == 401
+
+"components": {
+ "parameters": {
+ "storeId": {
+ "name": "storeId",
+ "in": "header",
+ "value": "$inputs.x-store-id"
+ }
+ },
+ "inputs": {
+ "pagination": {
+ "type": "object",
+ "properties": {
+ "page": {
+ "type": "integer",
+ "format": "int32"
+ },
+ "pageSize": {
+ "type": "integer",
+ "format": "int32"
+ }
+ }
+ }
+ },
+ "failureActions": {
+ "refreshToken": {
+ "name": "refreshExpiredToken",
+ "type": "retry",
+ "retryAfter": 1,
+ "retryLimit": 5,
+ "workflowId": "refreshTokenWorkflowId",
+ "criteria": [
+ {
+ "condition": "{$statusCode == 401}"
+ }
+ ]
+ }
+ }
+}
+Reusable Object
+A simple object to allow referencing of objects contained within the Components Object. It can be used from locations within steps or workflows in the Arazzo Description. Note - Input Objects MUST use standard JSON Schema referencing via the $ref keyword while all non JSON Schema objects use this object and its expression based referencing mechanism.
Fixed Fields
+| Field Name | +Type | +Description | +
|---|---|---|
| value | +string |
+Sets a value of the referenced parameter. This is only applicable for parameter object references. | +
This object cannot be extended with additional properties and any properties added MUST be ignored.
+Reusable Object Example
+
+ reference: $components.successActions.notify
+
+ {
+ "reference": "$components.successActions.notify"
+ }
+
+ reference: $components.parameters.page
+ value: 1
+
+ {
+ "reference": "$components.parameters.page",
+ "value": 1
+ }
+Criterion Object
+An object used to specify the context, conditions, and condition types that can be used to prove or satisfy assertions specified in Step Object successCriteria, Success Action Object criteria, and Failure Action Object criteria.
There are four flavors of conditions supported:
+-
+
- simple - where basic literals, operators, and loose comparisons are used in combination with Runtime Expressions. +
- regex - where a regex pattern is applied on the supplied context. The context is defined by a Runtime Expression. +
- jsonpath - where a JSON Path expression is applied. The root node context is defined by a Runtime Expression. +
- xpath - where an XPath expression is applied. The root node context is defined by a Runtime Expression. +
Literals
+As part of a condition expression, you can use boolean, null, number, or string data types.
| Type | +Literal value | +
|---|---|
boolean |
+true or false |
+
null |
+null |
+
number |
+Any number format supported in Data Types | +
string |
+Strings MUST use single quotes (‘) around the string. To use a literal single quote, escape the literal single quote using an additional single quote (’'). | +
Operators
+| Operator | +Description | +
|---|---|
< |
+Less than | +
<= |
+Less than or equal | +
> |
+Greater than | +
>= |
+Greater than or equal | +
== |
+Equal | +
!= |
+Not equal | +
! |
+Not | +
&& |
+And | +
|| |
+Or | +
() |
+Logical Grouping | +
[] |
+Index (0-based) | +
. |
+Property de-reference | +
String comparisons MUST be case insensitive.
Fixed Fields
+| Field Name | +Type | +Description | +
|---|---|---|
| context | +{expression} |
+A runtime expression used to set the context for the condition to be applied on. If type is specified, then the context MUST be provided (e.g. $response.body would set the context that a JSONPath query expression could be applied to). |
+
| condition | +string |
+REQUIRED. The condition to apply. Conditions can be simple (e.g. $statusCode == 200 which applies a operator on a value obtained from a runtime expression), or a regex, or a JSONPath expression. For regex and JSONPath, the type and context MUST be specified. |
+
| type | +string | Criterion Expression Type Object |
+The type of condition to be applied. If specified, the options allowed are simple, regex, jsonpath or xpath. If omitted, then the condition is assumed to be simple, which at most combines literals, operators and Runtime Expressions. If jsonpath, then the expression MUST conform to JSON Path. If xpath the expression MUST conform to XML Path Language 3.1. Should other variants of JSON Path or XPath be required, then a Criterion Expression Type Object MUST be specified. |
+
This object MAY be extended with Specification Extensions.
+Criterion Object Example
+Simple Condition Example
+
+- condition: $statusCode == 200
+Regex Condition Example
+
+- context: $statusCode
+ condition: '^200$'
+ type: regex
+JSONPath Condition Example
+
+- context: $response.body
+ condition: $[?count(@.pets) > 0]
+ type: jsonpath
+Criterion Expression Type Object
+An object used to describe the type and version of an expression used within a Criterion Object. If this object is not defined, then the following defaults apply:
+-
+
- JSON Path as described by [!RFC9535] +
- XPath as described by XML Path Language 3.1 +
Defining this object gives the ability to utilize tooling compatible with older versions of either JSON Path or XPath.
+Fixed Fields
+This object MAY be extended with Specification Extensions.
+Criterion Expression Type Example
+JSON Path Example
+
+ type: jsonpath
+ version: draft-goessner-dispatch-jsonpath-00
+XPath Example
+
+ type: xpath
+ version: xpath-30
+Request Body Object
+A single request body describing the Content-Type and request body content to be passed by a step to an operation.
Fixed Fields
+| Field Name | +Type | +Description | +
|---|---|---|
| contentType | +string |
+The Content-Type for the request content. If omitted then refer to Content-Type specified at the targeted operation to understand serialization requirements. | +
| payload | +Any | +A value representing the request body payload. The value can be a literal value or can contain Runtime Expressions which MUST be evaluated prior to calling the referenced operation. To represent examples of media types that cannot be naturally represented in JSON or YAML, use a string value to contain the example, escaping where necessary. | +
replacements | [Payload Replacement Object] | A list of locations and values to set within a payload.
+This object MAY be extended with Specification Extensions.
+RequestBody Object Example
+JSON Templated Example
+ contentType: application/json
+ payload: |
+ {
+ "petOrder": {
+ "petId": "{$inputs.pet_id}",
+ "couponCode": "{$inputs.coupon_code}",
+ "quantity": "{$inputs.quantity}",
+ "status": "placed",
+ "complete": false
+ }
+ }
+JSON Object Example
+ contentType: application/json
+ payload:
+ petOrder:
+ petId: $inputs.pet_id
+ couponCode: $inputs.coupon_code
+ quantity: $inputs.quantity
+ status: placed
+ complete: false
+Complete Runtime Expression
+ contentType: application/json
+ payload: $inputs.petOrderRequest
+XML Templated Example
+ contentType: application/xml
+ payload: |
+ <petOrder>
+ <petId>{$inputs.pet_id}</petId>
+ <couponCode>{$inputs.coupon_code}</couponCode>
+ <quantity>{$inputs.quantity}</quantity>
+ <status>placed</status>
+ <complete>false</complete>
+ </petOrder>
+Form Data Example
+ contentType: application/x-www-form-urlencoded
+ payload:
+ client_id: $inputs.clientId
+ grant_type: $inputs.grantType
+ redirect_uri: $inputs.redirectUri
+ client_secret: $inputs.clientSecret
+ code: $steps.browser-authorize.outputs.code
+ scope: $inputs.scope
+Form Data String Example
+ contentType: application/x-www-form-urlencoded
+ payload: "client_id={$inputs.clientId}&grant_type={$inputs.grantType}&redirect_uri={$inputs.redirectUri}&client_secret={$inputs.clientSecret}&code{$steps.browser-authorize.outputs.code}&scope=$inputs.scope}"
+Payload Replacement Object
+Describes a location within a payload (e.g., a request body) and a value to set within the location.
+Fixed Fields
+| Field Name | +Type | +Description | +
|---|---|---|
| target | +string |
+REQUIRED. A JSON Pointer or XPath Expression which MUST be resolved against the request body. Used to identify the location to inject the value. |
+
| value | +Any | {expression} | +REQUIRED. The value set within the target location. The value can be a constant or a Runtime Expression to be evaluated and passed to the referenced operation or workflow. | +
This object MAY be extended with Specification Extensions.
+Payload Replacement Object Example
+Runtime Expression Example
+
+ target: /petId
+ value: $inputs.pet_id
+Literal Example
+
+ target: /quantity
+ value: 10
+Runtime Expressions
+A runtime expression allows values to be defined based on information that will be available within an HTTP message, an event message, and within objects serialized from the Arazzo document such as workflows or steps.
+The runtime expression is defined by the following ABNF syntax:
+
+ expression = ( "$url" / "$method" / "$statusCode" / "$request." source / "$response." source / "$message." source / "$inputs." name / "$outputs." name / "$steps." name / "$workflows." name / "$sourceDescriptions." name / "$components." name / "$components.parameters." parameter-name)
+ parameter-name = name ; Reuses 'name' rule for parameter names
+ source = ( header-reference / query-reference / path-reference / body-reference )
+ header-reference = "header." token
+ query-reference = "query." name
+ path-reference = "path." name
+ body-reference = "body" ["#" json-pointer ]
+ json-pointer = *( "/" reference-token )
+ reference-token = *( unescaped / escaped )
+ unescaped = %x00-2E / %x30-7D / %x7F-10FFFF
+ ; %x2F ('/') and %x7E ('~') are excluded from 'unescaped'
+ escaped = "~" ( "0" / "1" )
+ ; representing '~' and '/', respectively
+ name = *( CHAR )
+ token = 1*tchar
+ tchar = "!" / "#" / "$" / "%" / "&" / "'" / "*" / "+" / "-" / "." /
+ "^" / "_" / "`" / "|" / "~" / DIGIT / ALPHA
+Examples
+| Source Location | +example expression | +notes | +
|---|---|---|
| HTTP Method | +$method |
+The allowable values for the $method will be those for the HTTP operation. |
+
| Requested media type | +$request.header.accept |
++ |
| Request parameter | +$request.path.id |
+Request parameters MUST be declared in the parameters section of the parent operation or they cannot be evaluated. This includes request headers. |
+
| Request body property | +$request.body#/user/uuid |
+In operations which accept payloads, references may be made to portions of the requestBody or the entire body. |
+
| Request URL | +$url |
++ |
| Response value | +$response.body#/status |
+In operations which return payloads, references may be made to portions of the response body or the entire body. | +
| Response header | +$response.header.Server |
+Single header values only are available | +
| workflow input | +$inputs.username or $workflows.foo.inputs.username |
+Single input values only are available | +
| Step output value | +$steps.someStep.pets |
+In situations where the output named property return payloads, references may be made to portions of the response body or the entire body. | +
| Workflow output value | +$outputs.bar or $workflows.foo.outputs.bar |
+Single input values only are available | +
| Components parameter | +$components.parameters.foo |
+Accesses a foo parameter defined within the Components Object. | +
Runtime expressions preserve the type of the referenced value.
+Expressions can be embedded into string values by surrounding the expression with {} curly braces.
Specification Extensions
+While the Arazzo Specification tries to accommodate most use cases, additional data can be added to extend the specification at certain points.
+The extension properties are implemented as patterned fields that are always prefixed by "x-".
| Field Pattern | +Type | +Description | +
|---|---|---|
| ^x- | +Any | +Allows extensions to the Arazzo Specification. The field name MUST begin with x-, for example, x-internal-id. Field names beginning x-oai-, x-oas-, and x-arazzo are reserved for uses defined by the OpenAPI Initiative. The value MAY be null, a primitive, an array or an object. |
+
The extensions may or may not be supported by the available tooling, but those may be extended as well to add requested support (if tools are internal or open-sourced).
+Security Considerations
+The Arazzo Specification does not enforce a security mechanism. Security is left to the implementer, though TLS, specifically HTTPS may be recommended for exchanging sensitive workflows.
+Arazzo Descriptions can be JSON or YAML values. As such, all security considerations defined in RFC 8259 and within YAML version 1.2 apply.
+Arazzo Descriptions are frequently written by untrusted third parties, to be deployed on public Internet servers. Processing an Arazzo Description can cause both safe and unsafe operations to be performed on arbitrary network resources. It is the responsibility of the description consumer to ensure that the operations performed are not harmful.
+IANA Considerations
+The proposed MIME media types for the Arazzo Specification are described below.
+application/vnd.oai.workflows
+The default (or general) MIME type for Arazzo documents (e.g. workflows) is defined as follows:
+Media type name: application
+Media subtype name: vnd.oai.workflows
+Required parameters: N/A
+Optional parameters: version (e.g. version=1.0.0 to indicate that the type of workflow conforms to version 1.0.0 of the Arazzo Specification).
+ Encoding considerations: Encoding considerations are identical to those specified for the application/json and application/yaml media types, respectively.
Security considerations: See security considerations above.
+Interoperability considerations: N/A
+Note: When using the application/vnd.oai.workflows media type the consumer should be prepared to receive YAML formatted content
application/vnd.oai.workflows+json
+The proposed MIME media type for Arazzo documents (e.g. workflows) that require a JSON-specific media type is defined as follows:
+Media type name: application
+Media subtype name: vnd.oai.workflows+json
+Required parameters: N/A
+Optional parameters: version (e.g. version=1.0.0 to indicate that the type of Arazzo document conforms to version 1.0.0 of the Arazzo Specification).
+ Encoding considerations: Encoding considerations are identical to those specified for the application/json media type.
Security considerations: See security considerations above.
+Interoperability considerations: N/A
+application/vnd.oai.workflows+yaml
+The proposed MIME media type for Arazzo documents (e.g. workflows) that require a YAML-specific media type is defined as follows:
+Media type name: application
+Media subtype name: vnd.oai.workflows+yaml
+Required parameters: N/A
+Optional parameters: version (e.g. version=1.0.0 to indicate that the type of Arazzo document conforms to version 1.0.0 of the Arazzo Specification).
+ Encoding considerations: Encoding considerations are identical to those specified for the application/yaml media type.
Security considerations: See security considerations above.
+Interoperability considerations: N/A
+Appendix A: Revision History
+| Version | +Date | +Notes | +
|---|---|---|
| 1.0.0 | +2024-05-29 | +First release of the Arazzo Specification | +
'+(n?e:l(e,!0))+""+(n?e:l(e,!0))+"\n"+e+"\n"},o.prototype.html=function(e){return e},o.prototype.heading=function(e,t,n){return this.options.headerIds?"
\n":"
\n"},o.prototype.list=function(e,t,n){var r=t?"ol":"ul";return"<"+r+(t&&1!==n?' start="'+n+'"':"")+">\n"+e+"\n"},o.prototype.listitem=function(e){return"
"+e+"
\n"},o.prototype.table=function(e,t){return t&&(t=""+t+""),""+e+""},o.prototype.br=function(){return this.options.xhtml?"":"
"},o.prototype.del=function(e){return"
"+l(e.message+"",!0)+"";throw e}}h.exec=h,b.options=b.setOptions=function(e){return m(b.defaults,e),b},b.getDefaults=function(){return{baseUrl:null,breaks:!1,gfm:!0,headerIds:!0,headerPrefix:"",highlight:null,langPrefix:"language-",mangle:!0,pedantic:!1,renderer:new o,sanitize:!1,sanitizer:null,silent:!1,smartLists:!1,smartypants:!1,tables:!0,xhtml:!1}},b.defaults=b.getDefaults(),b.Parser=s,b.parser=s.parse,b.Renderer=o,b.TextRenderer=a,b.Lexer=n,b.lexer=n.lex,b.InlineLexer=i,b.inlineLexer=i.output,b.parse=b,"undefined"!=typeof module&&"object"==typeof exports?module.exports=b:"function"==typeof define&&define.amd?define("deps/marked",[],function(){return b}):e.marked=b}(this||("undefined"!=typeof window?window:global)),define("core/utils",["exports","core/pubsubhub","deps/marked"],function(e,t,n){Object.defineProperty(e,"__esModule",{value:!0}),e.ISODate=e.name=void 0,e.markdownToHtml=function(e){const t=h(e).replace(l,">").replace(c,"&");return(0,i.default)(t)},e.makeOwnerSwapper=function(e){if(!e)throw new TypeError("Expected instance of Node.");return t=>{if(t.ownerDocument.adoptNode(e),t.firstElementChild)return t.insertBefore(e,t.firstElementChild);t.appendChild(e)}},e.calculateLeftPad=function(e){if("string"!=typeof e)throw new TypeError("Invalid input");var t=e.split("\n").filter(e=>e).reduce((e,t)=>{if(0===e)return e;const n=t.match(o)[0]||"";return Math.min(n.length,e)},1/0);return t===1/0?0:t},e.createResourceHint=function(e){if(!e||"object"!=typeof e)throw new TypeError("Missing options");if(!p.has(e.hint))throw new TypeError("Invalid resources hint");const t=new URL(e.href,document.location),n=document.createElement("link");let r=t.href;switch(n.rel=e.hint,n.rel){case"dns-prefetch":case"preconnect":r=t.origin,(e.corsMode||t.origin!==document.location.origin)&&(n.crossOrigin=e.corsMode||"anonymous");break;case"preload":"as"in e&&"string"==typeof e.as&&(f.has(e.as)||console.warn(`Unknown request destination: ${e.as}`),n.setAttribute("as",e.as))}n.href=r,e.dontRemove||n.classList.add("removeOnSave");return n},e.normalizePadding=h,e.removeReSpec=function(e){Array.from(e.querySelectorAll(".remove, script[data-requiremodule]")).forEach(e=>{e.remove()})},e.joinAnd=function(e=[],t=(e=>e)){const n=e.map(t);switch(n.length){case 0:case 1:return n.toString();case 2:return n.join(" and ");default:const e=n.join(", "),t=e.lastIndexOf(",");return`${e.substr(0,t+1)} and ${e.slice(t+2)}`}},e.xmlEscape=function(e){return e.replace(/&/g,"&").replace(/>/g,">").replace(/"/g,""").replace(/i)return 1;if(i>t)return-1;if(!isNaN(t)&&isNaN(i))return 1;if(isNaN(t)&&!isNaN(i))return-1}return 0},e.concatDate=function(e,t=""){return u.format(e).replace(s,t)},e.toShortIsoDate=function(e){return u.format(e)},e.lead0=function(e){return 1===String(e).length?"0"+e:e},e.parseSimpleDate=function(e){return new Date(e)},e.parseLastModified=function(e){return e?new Date(Date.parse(e)):new Date},e.humanDate=function(e=new Date,t=document.documentElement.lang||"en"){e instanceof Date||(e=new Date(e));const n=[t,"en"],r=e.toLocaleString(n,{day:"2-digit",timeZone:"UTC"}),i=e.toLocaleString(n,{month:"long",timeZone:"UTC"}),o=e.toLocaleString(n,{year:"numeric",timeZone:"UTC"});return`${r} ${i} ${o}`},e.isoDate=function(e){return(e instanceof Date?e:new Date(e)).toISOString()},e.toKeyValuePairs=function(e,t=", ",n="="){return Array.from(Object.entries(e)).map(([e,t])=>`${e}${n}${JSON.stringify(t)}`).join(t)},e.linkCSS=function(e,t){const n=[].concat(t).map(t=>{var n=e.createElement("link");return n.rel="stylesheet",n.href=t,n}).reduce(function(e,t){return e.appendChild(t),e},e.createDocumentFragment());e.head.appendChild(n)},e.runTransforms=function(e,n){var r=[this,e],i=Array.from(arguments);if(i.shift(),i.shift(),r=r.concat(i),n)for(var o=n.split(/\s+/),a=0;a
\s*<\/p>/gm,"");u.innerHTML=d,p=u.querySelectorAll(".nolinks a[href]"),Array.from(p).forEach(e=>{const t=e.ownerDocument.createTextNode(e.textContent);e.parentElement.replaceChild(t,e)});var p;var f=i(u,t);u.appendChild(f),u.insertAdjacentElement("afterbegin",l),t.body.parentNode.replaceChild(u,t.body),n()};e.name="core/markdown";function n(e){return n=>{const r=Array.from(n.querySelectorAll(e));return r.reverse().forEach(e=>{e.innerHTML=(0,t.markdownToHtml)(e.innerHTML)}),r}}class r{constructor(e){this.doc=e,this.root=e.createDocumentFragment(),this.stack=[this.root],this.current=this.root}findPosition(e){return parseInt(e.tagName.charAt(1),10)}findParent(e){let t;for(;e>0;)if(e--,t=this.stack[e])return t}findHeader({firstChild:e}){for(;e;){if(/H[1-6]/.test(e.tagName))return e;e=e.nextSibling}return null}addHeader(e){const t=this.doc.createElement("section"),n=this.findPosition(e);t.appendChild(e),this.findParent(n).appendChild(t),this.stack[n]=t,this.stack.length=n+1,this.current=t}addSection(e,t){const n=this.findHeader(e),r=n?this.findPosition(n):1,i=this.findParent(r);n&&e.removeChild(n),e.appendChild(t(e)),n&&e.insertBefore(n,e.firstChild),i.appendChild(e),this.current=i}addElement(e){this.current.appendChild(e)}}function i(e,t){return function e(n){const i=new r(t);for(;n.firstChild;){const t=n.firstChild;if(t.nodeType===Node.ELEMENT_NODE)switch(t.localName){case"h1":case"h2":case"h3":case"h4":case"h5":case"h6":i.addHeader(t);break;case"section":i.addSection(t,e);break;default:i.addElement(t)}else n.removeChild(t)}return i.root}(e)}const o=n("[data-format='markdown']:not(body)"),a=n("[data-format=markdown]:not(body), section, div, address, article, aside, figure, header, main, body")}),Dha=this,Eha=function(){return function(e){var t={};function n(r){if(t[r])return t[r].exports;var i=t[r]={exports:{},id:r,loaded:!1};return e[r].call(i.exports,i,i.exports,n),i.loaded=!0,i.exports}return n.m=e,n.c=t,n.p="",n(0)}([function(e,t,n){var r=n(1).default,i=n(2).default;t.__esModule=!0;var o=r(n(3)),a=i(n(20)),s=i(n(5)),l=r(n(4)),c=r(n(21)),u=i(n(33));function d(){var e=new o.HandlebarsEnvironment;return l.extend(e,o),e.SafeString=a.default,e.Exception=s.default,e.Utils=l,e.escapeExpression=l.escapeExpression,e.VM=c,e.template=function(t){return c.template(t,e)},e}var p=d();p.create=d,u.default(p),p.default=p,t.default=p,e.exports=t.default},function(e,t){t.default=function(e){if(e&&e.__esModule)return e;var t={};if(null!=e)for(var n in e)Object.prototype.hasOwnProperty.call(e,n)&&(t[n]=e[n]);return t.default=e,t},t.__esModule=!0},function(e,t){t.default=function(e){return e&&e.__esModule?e:{default:e}},t.__esModule=!0},function(e,t,n){var r=n(2).default;t.__esModule=!0,t.HandlebarsEnvironment=u;var i=n(4),o=r(n(5)),a=n(9),s=n(17),l=r(n(19));t.VERSION="4.0.11";t.COMPILER_REVISION=7;t.REVISION_CHANGES={1:"<= 1.0.rc.2",2:"== 1.0.0-rc.3",3:"== 1.0.0-rc.4",4:"== 1.x.x",5:"== 2.0.0-alpha.x",6:">= 2.0.0-beta.1",7:">= 4.0.0"};var c="[object Object]";function u(e,t,n){this.helpers=e||{},this.partials=t||{},this.decorators=n||{},a.registerDefaultHelpers(this),s.registerDefaultDecorators(this)}u.prototype={constructor:u,logger:l.default,log:l.default.log,registerHelper:function(e,t){if(i.toString.call(e)===c){if(t)throw new o.default("Arg not supported with multiple helpers");i.extend(this.helpers,e)}else this.helpers[e]=t},unregisterHelper:function(e){delete this.helpers[e]},registerPartial:function(e,t){if(i.toString.call(e)===c)i.extend(this.partials,e);else{if(void 0===t)throw new o.default('Attempting to register a partial called "'+e+'" as undefined');this.partials[e]=t}},unregisterPartial:function(e){delete this.partials[e]},registerDecorator:function(e,t){if(i.toString.call(e)===c){if(t)throw new o.default("Arg not supported with multiple decorators");i.extend(this.decorators,e)}else this.decorators[e]=t},unregisterDecorator:function(e){delete this.decorators[e]}};var d=l.default.log;t.log=d,t.createFrame=i.createFrame,t.logger=l.default},function(e,t){t.__esModule=!0,t.extend=a,t.indexOf=function(e,t){for(var n=0,r=e.length;n
+ This specification was published by the ${e.wg}.
+ It is not a W3C Standard nor is it on the W3C Standards Track.
+ ${e.isCGFinal?t`
+ Please note that under the
+ W3C Community Final Specification Agreement (FSA)
+ other conditions apply.
+ `:t`
+ Please note that under the
+ W3C Community Contributor License Agreement (CLA)
+ there is a limited opt-out and other conditions apply.
+ `}
+ Learn more about
+ W3C Community and Business Groups.
+ If you wish to make comments regarding this document, please send them to
+ ${e.wgPublicList}@w3.org
+ (subscribe,
+ archives)${e.subjectPrefix?t`
+ with
+ This document is draft of a potential specification. It has no official standing of
+ any kind and does not represent the support or consensus of any standards organisation.
+
+ This document is merely a W3C-internal ${e.isMO?"member-confidential":""} document. It
+ has no official standing of any kind and does not represent consensus of the W3C
+ Membership.
+
+ ${[e.l10n.status_at_publication]}
+
+ By publishing this document, W3C acknowledges that the Submitting Members
+ have made a formal Submission request to W3C for discussion. Publication of this document
+ by W3C indicates no endorsement of its content by W3C, nor that W3C has, is, or will be
+ allocating any resources to the issues addressed by it. This document is not the product
+ of a chartered W3C group, but is published as potential input to
+ the W3C Process.
+ A W3C Team Comment has been
+ published in conjunction with this Member Submission. Publication of acknowledged Member Submissions
+ at the W3C site is one of the benefits of
+ W3C Membership. Please consult the requirements associated with Member Submissions of
+ section 3.3 of the
+ W3C Patent Policy. Please consult the complete list
+ of acknowledged W3C Member Submissions.
+ If you wish to make comments regarding this document, please send them to
+ ${e.wgPublicList}@w3.org
+ (subscribe,
+ archives)${e.subjectPrefix?t`
+ with Please consult the complete list of Team Submissions.
+ This document was published by ${[e.wgHTML]} as ${e.anOrA} ${e.longStatus}.
+ ${e.notYetRec?"This document is intended to become a W3C Recommendation.":""}
+ ${e.wgPublicList?t`
+ Comments regarding this document are welcome. Please send them to
+ ${e.wgPublicList}@w3.org
+ (subscribe,
+ archives)${e.subjectPrefix?t`
+ with
+ Please see the Working Group's implementation
+ report.
+
+ Publication as ${e.anOrA} ${e.textStatus} does not imply endorsement by the W3C
+ Membership. This is a draft document and may be updated, replaced or obsoleted by other
+ documents at any time. It is inappropriate to cite this document as other than work in
+ progress.
+
+ This document has been reviewed by W3C Members, by software developers, and by other W3C
+ groups and interested parties, and is endorsed by the Director as a W3C Recommendation.
+ It is a stable document and may be used as reference material or cited from another
+ document. W3C's role in making the Recommendation is to draw attention to the
+ specification and to promote its widespread deployment. This enhances the functionality
+ and interoperability of the Web.
+
+ ${e.isIGNote?"":t`
+ This document was produced by
+ ${e.multipleWGs?"groups":"a group"}
+ operating under the
+ W3C Patent Policy.
+ `}
+ ${e.recNotExpected?"The group does not expect this document to become a W3C Recommendation.":""}
+ ${e.isIGNote?"":t`
+ ${e.multipleWGs?t`W3C maintains ${[e.wgPatentHTML]}`:t`
+ W3C maintains a public list of any patent
+ disclosures
+ `}
+ made in connection with the deliverables of
+ ${e.multipleWGs?"each group; these pages also include":"the group; that page also includes"}
+ instructions for disclosing a patent. An individual who has actual knowledge of a patent
+ which the individual believes contains
+ Essential
+ Claim(s) must disclose the information in accordance with
+ section
+ 6 of the W3C Patent Policy.
+ `}
+ ${e.isIGNote?t`
+ The disclosure obligations of the Participants of this group are described in the
+ charter.
+ `:""}
+ This document is governed by the 1 February 2018 W3C Process Document.
+ ${[e.addPatentNote]}
+ ${e.multipleAlternates?"This document is also available in these non-normative formats:":"This document is also available in this non-normative format:"}
+ ${[e.alternatesHTML]}
+
+ Copyright ©
+ ${e.copyrightStart?`${e.copyrightStart}-`:""}${e.publishYear}
+ the Contributors to the ${e.title} Specification, published by the
+ ${e.wg} under the
+ ${e.isCGFinal?t`
+ W3C Community Final Specification Agreement (FSA).
+ A human-readable summary is available.
+ `:t`
+ W3C Community Contributor License Agreement (CLA).
+ A human-readable summary is available.
+ `}
+ The key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, “SHOULD NOT”, “RECOMMENDED”, “NOT RECOMMENDED”, “MAY”, and “OPTIONAL” in this document are to be interpreted as described in BCP 14 [[!RFC2119]] [[!RFC8174]] when, and only when, they appear in all capitals, as shown here. This document is licensed under The Apache License, Version 2.0. The OpenAPI Specification (OAS) defines a standard, language-agnostic interface to HTTP APIs which allows both humans and computers to discover and understand the capabilities of the service without access to source code, documentation, or through network traffic inspection. When properly defined, a consumer can understand and interact with the remote service with a minimal amount of implementation logic. An OpenAPI definition can then be used by documentation generation tools to display the API, code generation tools to generate servers and clients in various programming languages, testing tools, and many other use cases. A self-contained or composite resource which defines or describes an API or elements of an API. The OpenAPI document MUST contain at least one paths field, a components field or a webhooks field. An OpenAPI document uses and conforms to the OpenAPI Specification. Path templating refers to the usage of template expressions, delimited by curly braces ({}), to mark a section of a URL path as replaceable using path parameters. Each template expression in the path MUST correspond to a path parameter that is included in the Path Item itself and/or in each of the Path Item’s Operations. An exception is if the path item is empty, for example due to ACL constraints, matching path parameters are not required. The value for these path parameters MUST NOT contain any unescaped “generic syntax” characters described by [[!RFC3986]]: forward slashes ( Media type definitions are spread across several resources.
+The media type definitions SHOULD be in compliance with [[!RFC6838]]. Some examples of possible media type definitions: The HTTP Status Codes are used to indicate the status of the executed operation.
+The available status codes are defined by [[!RFC7231]] and registered status codes are listed in the IANA Status Code Registry. The OpenAPI Specification is versioned using a Occasionally, non-backwards compatible changes may be made in An OpenAPI document compatible with OAS 3.*.* contains a required An OpenAPI document that conforms to the OpenAPI Specification is itself a JSON object, which may be represented either in JSON or YAML format. For example, if a field has an array value, the JSON array representation will be used: All field names in the specification are case sensitive.
+This includes all fields that are used as keys in a map, except where explicitly noted that keys are case insensitive. The schema exposes two types of fields: Fixed fields, which have a declared name, and Patterned fields, which declare a regex pattern for the field name. Patterned fields MUST have unique names within the containing object. In order to preserve the ability to round-trip between YAML and JSON formats, YAML version 1.2 is RECOMMENDED along with some additional constraints: Note: While APIs may be defined by OpenAPI documents in either YAML or JSON format, the API request and response bodies and other content are not required to be JSON or YAML. An OpenAPI document MAY be made up of a single document or be divided into multiple, connected parts at the discretion of the author. In the latter case, It is RECOMMENDED that the root OpenAPI document be named: Data types in the OAS are based on the types supported by the JSON Schema Specification Draft 2020-12.
+Note that As defined by the JSON Schema Validation vocabulary, data types can have an optional modifier property: The formats defined by the OAS are: Throughout the specification Unless specified otherwise, all properties that are URIs MAY be relative references as defined by [[!RFC3986]]. Relative references, including those in If a URI contains a fragment identifier, then the fragment should be resolved per the fragment resolution mechanism of the referenced document. If the representation of the referenced document is JSON or YAML, then the fragment identifier SHOULD be interpreted as a JSON-Pointer as per [[!RFC6901]]. Relative references in Unless specified otherwise, all properties that are URLs MAY be relative references as defined by [[!RFC3986]].
+Unless specified otherwise, relative references are resolved using the URLs defined in the In the following description, if a field is not explicitly REQUIRED or described with a MUST or SHALL, it can be considered OPTIONAL. This is the root object of the OpenAPI document. This object MAY be extended with Specification Extensions. The object provides metadata about the API.
+The metadata MAY be used by the clients if needed, and MAY be presented in editing or documentation generation tools for convenience. This object MAY be extended with Specification Extensions. Contact information for the exposed API. This object MAY be extended with Specification Extensions. License information for the exposed API. This object MAY be extended with Specification Extensions. An object representing a Server. This object MAY be extended with Specification Extensions. A single server would be described as: The following shows how multiple servers can be described, for example, at the OpenAPI Object’s The following shows how variables can be used for a server configuration: An object representing a Server Variable for server URL template substitution. This object MAY be extended with Specification Extensions. Holds a set of reusable objects for different aspects of the OAS.
+All objects defined within the components object will have no effect on the API unless they are explicitly referenced from properties outside the components object. This object MAY be extended with Specification Extensions. All the fixed fields declared above are objects that MUST use keys that match the regular expression: Field Name Examples: Holds the relative paths to the individual endpoints and their operations.
+The path is appended to the URL from the This object MAY be extended with Specification Extensions. Assuming the following paths, the concrete definition, The following paths are considered identical and invalid: The following may lead to ambiguous resolution: Describes the operations available on a single path.
+A Path Item MAY be empty, due to ACL constraints.
+The path itself is still exposed to the documentation viewer but they will not know which operations and parameters are available. This object MAY be extended with Specification Extensions. Describes a single API operation on a path. This object MAY be extended with Specification Extensions. Allows referencing an external resource for extended documentation. This object MAY be extended with Specification Extensions. Describes a single operation parameter. A unique parameter is defined by a combination of a name and location. There are four possible parameter locations specified by the The rules for serialization of the parameter are specified in one of two ways.
+For simpler scenarios, a For more complex scenarios, the In order to support common ways of serializing simple parameters, a set of Assume a parameter named The following table shows examples of rendering differences for each value. This object MAY be extended with Specification Extensions. A header parameter with an array of 64 bit integer numbers: A path parameter of a string value: An optional query parameter of a string value, allowing multiple values by repeating the query parameter: A free-form query parameter, allowing undefined parameters of a specific type: A complex parameter using Describes a single request body. This object MAY be extended with Specification Extensions. A request body with a referenced model definition. A body parameter that is an array of string values: Each Media Type Object provides schema and examples for the media type identified by its key. This object MAY be extended with Specification Extensions. In contrast with the 2.0 specification, In contrast with the 3.0 specification, the JSON Schema also offers a Examples: Content transferred in binary (octet-stream) MAY omit Binary content transferred with base64 encoding: Note that the These examples apply to either input payloads of file uploads or response payloads. A In addition, specific media types MAY be specified: To upload multiple files, a As seen in the section on To submit content using form url encoding via [[!RFC1866]], the following
+definition may be used: In this example, the contents in the When passing complex objects in the It is common to use In a When passing in Per the JSON Schema specification, Examples: An A single encoding definition applied to a single schema property. This object MAY be extended with Specification Extensions. A container for the expected responses of an operation.
+The container maps a HTTP response code to the expected response. The documentation is not necessarily expected to cover all possible HTTP response codes because they may not be known in advance.
+However, documentation is expected to cover a successful operation response and any known errors. The The This object MAY be extended with Specification Extensions. A 200 response for a successful operation and a default response for others (implying an error): Describes a single response from an API Operation, including design-time, static
+ This object MAY be extended with Specification Extensions. Response of an array of a complex type: Response with a string type: Plain text response with headers: Response with no return value: A map of possible out-of band callbacks related to the parent operation.
+Each value in the map is a Path Item Object that describes a set of requests that may be initiated by the API provider and the expected responses.
+The key value used to identify the path item object is an expression, evaluated at runtime, that identifies a URL to use for the callback operation. To describe incoming requests from the API provider independent from another API call, use the This object MAY be extended with Specification Extensions. The key that identifies the Path Item Object is a runtime expression that can be evaluated in the context of a runtime HTTP request/response to identify the URL to be used for the callback request.
+A simple example might be For example, given the following HTTP request: The following examples show how the various expressions evaluate, assuming the callback operation has a path parameter named The following example uses the user provided The following example shows a callback where the server is hard-coded, but the query string parameters are populated from the This object MAY be extended with Specification Extensions. In all cases, the example value is expected to be compatible with the type schema
+of its associated value. Tooling implementations MAY choose to
+validate compatibility automatically, and reject the example value(s) if incompatible. In a request body: In a parameter: In a response: The Unlike dynamic links (i.e. links provided in the response payload), the OAS linking mechanism does not require link information in the runtime response. For computing links, and providing instructions to execute them, a runtime expression is used for accessing values in an operation and using them as parameters while invoking the linked operation. This object MAY be extended with Specification Extensions. A linked operation MUST be identified using either an Computing a link from a request operation where the When a runtime expression fails to evaluate, no parameter value is passed to the target operation. Values from the response body can be used to drive a linked operation. Clients follow all links at their discretion.
+Neither permissions, nor the capability to make a successful call to that link, is guaranteed
+solely by the existence of a relationship. As references to or an absolute Note that in the use of Runtime expressions allow defining values based on information that will only be available within the HTTP message in an actual API call.
+This mechanism is used by Link Objects and Callback Objects. The runtime expression is defined by the following ABNF syntax Here, The The table below provides examples of runtime expressions and examples of their use in a value: Runtime expressions preserve the type of the referenced value.
+Expressions can be embedded into string values by surrounding the expression with The Header Object follows the structure of the Parameter Object with the following changes: A simple header of type Adds metadata to a single tag that is used by the Operation Object.
+It is not mandatory to have a Tag Object per tag defined in the Operation Object instances. This object MAY be extended with Specification Extensions. A simple object to allow referencing other components in the OpenAPI document, internally and externally. The See the rules for resolving Relative References. This object cannot be extended with additional properties and any properties added SHALL be ignored. Note that this restriction on additional properties is a difference between Reference Objects and The Schema Object allows the definition of input and output data types.
+These types can be objects, but also primitives and arrays. This object is a superset of the JSON Schema Specification Draft 2020-12. For more information about the properties, see JSON Schema Core and JSON Schema Validation. Unless stated otherwise, the property definitions follow those of JSON Schema and do not add any additional semantics.
+Where JSON Schema indicates that behavior is defined by the application (e.g. for annotations), OAS also defers the definition of semantics to the application consuming the OpenAPI document. The OpenAPI Schema Object dialect is defined as requiring the OAS base vocabulary, in addition to the vocabularies as specified in the JSON Schema draft 2020-12 general purpose meta-schema. The OpenAPI Schema Object dialect for this version of the specification is identified by the URI The following properties are taken from the JSON Schema specification but their definitions have been extended by the OAS: In addition to the JSON Schema properties comprising the OAS dialect, the Schema Object supports keywords from any other vocabularies, or entirely arbitrary properties. The OpenAPI Specification’s base vocabulary is comprised of the following keywords: This object MAY be extended with Specification Extensions, though as noted, additional properties MAY omit the The OpenAPI Specification allows combining and extending model definitions using the While composition offers model extensibility, it does not imply a hierarchy between the models.
+To support polymorphism, the OpenAPI Specification adds the The xml property allows extra definitions when translating the JSON definition to XML.
+The XML Object contains additional information about the available options. It is important for tooling to be able to determine which dialect or meta-schema any given resource wishes to be processed with: JSON Schema Core, JSON Schema Validation, OpenAPI Schema dialect, or some custom meta-schema. The To allow use of a different default When a Schema Object is referenced from an external resource which is not an OAS document (e.g. a bare JSON Schema resource), then the value of the For a simple string to string mapping: For a string to model mapping: When request bodies or response payloads may be one of a number of different schemas, a When using the discriminator, inline schemas will not be considered. This object MAY be extended with Specification Extensions. The discriminator object is legal only when using one of the composite keywords In OAS 3.0, a response payload MAY be described to be exactly one of any number of types: which means the payload MUST, by validation, match exactly one of the schemas described by The expectation now is that a property with name Will indicate that the In scenarios where the value of the discriminator field does not match the schema name or implicit mapping is not possible, an optional Here the discriminator value of When used in conjunction with the In both the For example: a payload like this: will indicate that the will map to A metadata object that allows for more fine-tuned XML model definitions. When using arrays, XML element names are not inferred (for singular/plural forms) and the This object MAY be extended with Specification Extensions. The examples of the XML object definitions are included inside a property definition of a Schema Object with a sample of the XML representation of it. Basic string property: Basic string array property ( In this example, a full model definition is shown. Changing the element names: The external Even when the array is wrapped, if a name is not explicitly defined, the same name will be used both internally and externally: To overcome the naming problem in the example above, the following definition can be used: Affecting both internal and external names: If we change the external element but not the internal ones: Defines a security scheme that can be used by the operations. Supported schemes are HTTP authentication, an API key (either as a header, a cookie parameter or as a query parameter), mutual TLS (use of a client certificate), OAuth2’s common flows (implicit, password, client credentials and authorization code) as defined in [[!RFC6749]], and OpenID Connect Discovery.
+Please note that as of 2020, the implicit flow is about to be deprecated by OAuth 2.0 Security Best Current Practice. Recommended for most use case is Authorization Code Grant flow with PKCE. This object MAY be extended with Specification Extensions. Allows configuration of the supported OAuth Flows. This object MAY be extended with Specification Extensions. Configuration details for a supported OAuth Flow This object MAY be extended with Specification Extensions. Lists the required security schemes to execute this operation.
+The name used for each property MUST correspond to a security scheme declared in the Security Schemes under the Components Object. Security Requirement Objects that contain multiple schemes require that all schemes MUST be satisfied for a request to be authorized.
+This enables support for scenarios where multiple query parameters or HTTP headers are required to convey security information. When a list of Security Requirement Objects is defined on the OpenAPI Object or Operation Object, only one of the Security Requirement Objects in the list needs to be satisfied to authorize the request. Optional OAuth2 security as would be defined in an OpenAPI Object or an Operation Object: While the OpenAPI Specification tries to accommodate most use cases, additional data can be added to extend the specification at certain points. The extensions properties are implemented as patterned fields that are always prefixed by The extensions may or may not be supported by the available tooling, but those may be extended as well to add requested support (if tools are internal or open-sourced). Some objects in the OpenAPI Specification MAY be declared and remain empty, or be completely removed, even though they are inherently the core of the API documentation. The reasoning is to allow an additional layer of access control over the documentation.
+While not part of the specification itself, certain libraries MAY choose to allow access to parts of the documentation based on some form of authentication/authorization. Two examples of this: The key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, “SHOULD NOT”, “RECOMMENDED”, “MAY”, and “OPTIONAL” in this document are to be interpreted as described in [!RFC2119]. The Swagger specification is licensed under The Apache License, Version 2.0. Swagger™ is a project used to describe and document RESTful APIs. The Swagger specification defines a set of files required to describe such an API. These files can then be used by the Swagger-UI project to display the API and Swagger-Codegen to generate clients in various languages. Additional utilities can also take advantage of the resulting files, such as testing tools. Path templating refers to the usage of curly braces ({}) to mark a section of a URL path as replaceable using path parameters. Mime type definitions are spread across several resources. The mime type definitions should be in compliance with [[!RFC6838]]. Some examples of possible mime type definitions: The HTTP Status Codes are used to indicate the status of the executed operation. The available status codes are described by [[!RFC7231]] and in the IANA Status Code Registry. The files describing the RESTful API in accordance with the Swagger specification are represented as JSON objects and conform to the JSON standards. YAML, being a superset of JSON, can be used as well to
+represent a Swagger specification file. For example, if a field is said to have an array value, the JSON array representation will be used: While the API is described using JSON it does not impose a JSON input/output to the API itself. All field names in the specification are case sensitive. The schema exposes two types of fields. Fixed fields, which have a declared name, and Patterned fields, which declare a regex pattern for the field name. Patterned fields can have multiple occurrences as long as each has a unique name. The Swagger representation of the API is made of a single file. However, parts of the definitions can be split into separate files, at the discretion of the user. This is applicable for By convention, the Swagger specification file is named Primitive data types in the Swagger Specification are based on the types supported by the JSON-Schema Draft 4. Models are described using the Schema Object which is a subset of JSON Schema Draft 4. An additional primitive data type Primitives have an optional modifier property This is the root document object for the API specification. It combines what previously was the Resource Listing and API Declaration (version 1.2 and earlier) together into one document. The object provides metadata about the API. The metadata can be used by the clients if needed, and can be presented in the Swagger-UI for convenience. Contact information for the exposed API. License information for the exposed API. Holds the relative paths to the individual endpoints. The path is appended to the Describes the operations available on a single path.
+A Path Item may be empty, due to ACL constraints. The path itself is still exposed to the documentation viewer but they will not know which operations and parameters are available. Describes a single API operation on a path. Allows referencing an external resource for extended documentation. Describes a single operation parameter. A unique parameter is defined by a combination of a name and location. There are five possible parameter types. If If A body parameter with a referenced schema definition (normally for a model definition): A body parameter that is an array of string values: A header parameter with an array of 64 bit integer numbers: A path parameter of a string value: An optional query parameter of a string value, allowing multiple values by repeating the query parameter: A form data with file type for a file upload: A limited subset of JSON-Schema’s items object. It is used by parameter definitions that are not located Items must be of type string and have the minimum length of 2 characters: An array of arrays, the internal array being of type integer, numbers must be between 0 and 63 (inclusive): A container for the expected responses of an operation. The container maps a HTTP response code to the expected response. It is not expected from the documentation to necessarily cover all possible HTTP response codes, since they may not be known in advance. However, it is expected from the documentation to cover a successful operation response and any known errors. The The A 200 response for successful operation and a default response for others (implying an error): Describes a single response from an API Operation. Response of an array of a complex type: Response with a string type: Response with headers: Response with no return value: Lists the headers that can be sent as part of a response. Rate-limit headers: Allows sharing examples for operation responses. Example response for application/json mimetype of a Pet data type: A simple header with of an integer type: Allows adding meta data to a single tag that is used by the Operation Object. It is not mandatory to have a Tag Object per tag used there. A simple object to allow referencing other definitions in the specification. It can be used to reference parameters and responses that are defined at the top level for reuse. The Reference Object is a JSON Reference that uses a JSON Pointer as its value. For this specification, only canonical dereferencing is supported. The Schema Object allows the definition of input and output data types. These types can be objects, but also primitives and arrays. This object is based on the JSON Schema Specification Draft 4 and uses a predefined subset of it. On top of this subset, there are extensions provided by this specification to allow for more complete documentation. Further information about the properties can be found in JSON Schema Core and JSON Schema Validation. Unless stated otherwise, the property definitions follow the JSON Schema specification as referenced here. The following properties are taken directly from the JSON Schema definition and follow the same specifications: The following properties are taken from the JSON Schema definition but their definitions were adjusted to the Swagger Specification. Their definition is the same as the one from JSON Schema, only where the original definition references the JSON Schema definition, the Schema Object definition is used instead. Other than the JSON Schema subset fields, the following fields may be used for further schema documentation. Swagger allows combining and extending model definitions using the While composition offers model extensibility, it does not imply a hierarchy between the models. To support polymorphism, Swagger adds the support of the The xml property allows extra definitions when translating the JSON definition to XML. The XML Object contains additional information about the available options. Unlike previous versions of Swagger, Schema definitions can be used to describe primitive and arrays as well. For a simple string to string mapping: For a string to model mapping: A metadata object that allows for more fine-tuned XML model definitions. When using arrays, XML element names are not inferred (for singular/plural forms) and the The examples of the XML object definitions are included inside a property definition of a Schema Object with a sample of the XML representation of it. Basic string property: Basic string array property ( In this example, a full model definition is shown. Changing the element names: The external Even when the array is wrapped, if no name is explicitly defined, the same name will be used both internally and externally: To overcome the above example, the following definition can be used: Affecting both internal and external names: If we change the external element but not the internal ones: An object to hold data types that can be consumed and produced by operations. These data types can be primitives, arrays or models. An object to hold parameters to be reused across operations. Parameter definitions can be referenced to the ones defined here. This does not define global operation parameters. An object to hold responses to be reused across operations. Response definitions can be referenced to the ones defined here. This does not define global operation responses. A declaration of the security schemes available to be used in the specification. This does not enforce the security schemes on the operations and only serves to provide the relevant details for each scheme. Allows the definition of a security scheme that can be used by the operations. Supported schemes are basic authentication, an API key (either as a header or as a query parameter) and OAuth2’s common flows (implicit, password, application and access code). Lists the available scopes for an OAuth2 security scheme. Lists the required security schemes to execute this operation. The object can have multiple security schemes declared in it which are all required (that is, there is a logical AND between the schemes). The name used for each property MUST correspond to a security scheme declared in the Security Definitions. While the Swagger Specification tries to accommodate most use cases, additional data can be added to extend the specification at certain points. The extensions properties are always prefixed by The extensions may or may not be supported by the available tooling, but those may be extended as well to add requested support (if tools are internal or open-sourced). Some objects in the Swagger specification may be declared and remain empty, or completely be removed, even though they are inherently the core of the API documentation. The reasoning behind it is to allow an additional layer of access control over the documentation itself. While not part of the specification itself, certain libraries may choose to allow access to parts of the documentation based on some form of authentication/authorization. Two examples for this: The key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, “SHOULD NOT”, “RECOMMENDED”, “NOT RECOMMENDED”, “MAY”, and “OPTIONAL” in this document are to be interpreted as described in BCP 14 [[!RFC2119]] [[!RFC8174]] when, and only when, they appear in all capitals, as shown here. This document is licensed under The Apache License, Version 2.0. The OpenAPI Specification (OAS) defines a standard, language-agnostic interface to RESTful APIs which allows both humans and computers to discover and understand the capabilities of the service without access to source code, documentation, or through network traffic inspection. When properly defined, a consumer can understand and interact with the remote service with a minimal amount of implementation logic. An OpenAPI definition can then be used by documentation generation tools to display the API, code generation tools to generate servers and clients in various programming languages, testing tools, and many other use cases. A document (or set of documents) that defines or describes an API. An OpenAPI definition uses and conforms to the OpenAPI Specification. Path templating refers to the usage of curly braces ({}) to mark a section of a URL path as replaceable using path parameters. Media type definitions are spread across several resources.
+The media type definitions SHOULD be in compliance with [[!RFC6838]]. Some examples of possible media type definitions: The HTTP Status Codes are used to indicate the status of the executed operation.
+The available status codes are defined by [[!RFC7231]] and registered status codes are listed in the IANA Status Code Registry. The OpenAPI Specification is versioned using Semantic Versioning 2.0.0 (semver) and follows the semver specification. The Subsequent minor version releases of the OpenAPI Specification (incrementing the An OpenAPI document compatible with OAS 3.*.* contains a required An OpenAPI document that conforms to the OpenAPI Specification is itself a JSON object, which may be represented either in JSON or YAML format. For example, if a field has an array value, the JSON array representation will be used: All field names in the specification are case sensitive. The schema exposes two types of fields: Fixed fields, which have a declared name, and Patterned fields, which declare a regex pattern for the field name. Patterned fields MUST have unique names within the containing object. In order to preserve the ability to round-trip between YAML and JSON formats, YAML version 1.2 is RECOMMENDED along with some additional constraints: Note: While APIs may be defined by OpenAPI documents in either YAML or JSON format, the API request and response bodies and other content are not required to be JSON or YAML. An OpenAPI document MAY be made up of a single document or be divided into multiple, connected parts at the discretion of the user. In the latter case, It is RECOMMENDED that the root OpenAPI document be named: Primitive data types in the OAS are based on the types supported by the JSON Schema Specification Wright Draft 00.
+Note that Primitives have an optional modifier property: The formats defined by the OAS are: Throughout the specification Unless specified otherwise, all properties that are URLs MAY be relative references as defined by [[!RFC3986]].
+Relative references are resolved using the URLs defined in the Relative references used in In the following description, if a field is not explicitly REQUIRED or described with a MUST or SHALL, it can be considered OPTIONAL. This is the root document object of the OpenAPI document. This object MAY be extended with Specification Extensions. The object provides metadata about the API.
+The metadata MAY be used by the clients if needed, and MAY be presented in editing or documentation generation tools for convenience. This object MAY be extended with Specification Extensions. Contact information for the exposed API. This object MAY be extended with Specification Extensions. License information for the exposed API. This object MAY be extended with Specification Extensions. An object representing a Server. This object MAY be extended with Specification Extensions. A single server would be described as: The following shows how multiple servers can be described, for example, at the OpenAPI Object’s The following shows how variables can be used for a server configuration: An object representing a Server Variable for server URL template substitution. This object MAY be extended with Specification Extensions. Holds a set of reusable objects for different aspects of the OAS.
+All objects defined within the components object will have no effect on the API unless they are explicitly referenced from properties outside the components object. This object MAY be extended with Specification Extensions. All the fixed fields declared above are objects that MUST use keys that match the regular expression: Field Name Examples: Holds the relative paths to the individual endpoints and their operations.
+The path is appended to the URL from the This object MAY be extended with Specification Extensions. Assuming the following paths, the concrete definition, The following paths are considered identical and invalid: The following may lead to ambiguous resolution: Describes the operations available on a single path.
+A Path Item MAY be empty, due to ACL constraints.
+The path itself is still exposed to the documentation viewer but they will not know which operations and parameters are available. This object MAY be extended with Specification Extensions. Describes a single API operation on a path. This object MAY be extended with Specification Extensions. Allows referencing an external resource for extended documentation. This object MAY be extended with Specification Extensions. Describes a single operation parameter. A unique parameter is defined by a combination of a name and location. There are four possible parameter locations specified by the The rules for serialization of the parameter are specified in one of two ways.
+For simpler scenarios, a For more complex scenarios, the In order to support common ways of serializing simple parameters, a set of Assume a parameter named The following table shows examples of rendering differences for each value. This object MAY be extended with Specification Extensions. A header parameter with an array of 64 bit integer numbers: A path parameter of a string value: An optional query parameter of a string value, allowing multiple values by repeating the query parameter: A free-form query parameter, allowing undefined parameters of a specific type: A complex parameter using Describes a single request body. This object MAY be extended with Specification Extensions. A request body with a referenced model definition. A body parameter that is an array of string values: Each Media Type Object provides schema and examples for the media type identified by its key. This object MAY be extended with Specification Extensions. In contrast with the 2.0 specification, These examples apply to either input payloads of file uploads or response payloads. A In addition, specific media types MAY be specified: To upload multiple files, a To submit content using form url encoding via [[!RFC1866]], the following
+definition may be used: In this example, the contents in the When passing complex objects in the It is common to use When passing in Examples: An A single encoding definition applied to a single schema property. This object MAY be extended with Specification Extensions. A container for the expected responses of an operation.
+The container maps a HTTP response code to the expected response. The documentation is not necessarily expected to cover all possible HTTP response codes because they may not be known in advance.
+However, documentation is expected to cover a successful operation response and any known errors. The The This object MAY be extended with Specification Extensions. A 200 response for a successful operation and a default response for others (implying an error): Describes a single response from an API Operation, including design-time, static
+ This object MAY be extended with Specification Extensions. Response of an array of a complex type: Response with a string type: Plain text response with headers: Response with no return value: A map of possible out-of band callbacks related to the parent operation.
+Each value in the map is a Path Item Object that describes a set of requests that may be initiated by the API provider and the expected responses.
+The key value used to identify the callback object is an expression, evaluated at runtime, that identifies a URL to use for the callback operation. This object MAY be extended with Specification Extensions. The key that identifies the Path Item Object is a runtime expression that can be evaluated in the context of a runtime HTTP request/response to identify the URL to be used for the callback request.
+A simple example might be For example, given the following HTTP request: The following examples show how the various expressions evaluate, assuming the callback operation has a path parameter named The following example shows a callback to the URL specified by the This object MAY be extended with Specification Extensions. In all cases, the example value is expected to be compatible with the type schema
+of its associated value. Tooling implementations MAY choose to
+validate compatibility automatically, and reject the example value(s) if incompatible. The Unlike dynamic links (i.e. links provided in the response payload), the OAS linking mechanism does not require link information in the runtime response. For computing links, and providing instructions to execute them, a runtime expression is used for accessing values in an operation and using them as parameters while invoking the linked operation. This object MAY be extended with Specification Extensions. A linked operation MUST be identified using either an Computing a link from a request operation where the When a runtime expression fails to evaluate, no parameter value is passed to the target operation. Values from the response body can be used to drive a linked operation. Clients follow all links at their discretion.
+Neither permissions, nor the capability to make a successful call to that link, is guaranteed
+solely by the existence of a relationship. As references to or an absolute Note that in the use of Runtime expressions allow defining values based on information that will only be available within the HTTP message in an actual API call.
+This mechanism is used by Link Objects and Callback Objects. The runtime expression is defined by the following ABNF syntax The The table below provides examples of runtime expressions and examples of their use in a value: Runtime expressions preserve the type of the referenced value.
+Expressions can be embedded into string values by surrounding the expression with The Header Object follows the structure of the Parameter Object with the following changes: A simple header of type Adds metadata to a single tag that is used by the Operation Object.
+It is not mandatory to have a Tag Object per tag defined in the Operation Object instances. This object MAY be extended with Specification Extensions. In an In all cases, the payload is expected to be compatible with the type schema
+for the associated value. Tooling implementations MAY choose to
+validate compatibility automatically, and reject the example value(s) if they
+are incompatible. A simple object to allow referencing other components in the specification, internally and externally. The Reference Object is defined by JSON Reference and follows the same structure, behavior and rules. For this specification, reference resolution is accomplished as defined by the JSON Reference specification and not by the JSON Schema specification. This object cannot be extended with additional properties and any properties added SHALL be ignored. The Schema Object allows the definition of input and output data types.
+These types can be objects, but also primitives and arrays.
+This object is an extended subset of the JSON Schema Specification Wright Draft 00. For more information about the properties, see JSON Schema Core and JSON Schema Validation.
+Unless stated otherwise, the property definitions follow the JSON Schema. The following properties are taken directly from the JSON Schema definition and follow the same specifications: The following properties are taken from the JSON Schema definition but their definitions were adjusted to the OpenAPI Specification. Alternatively, any time a Schema Object can be used, a Reference Object can be used in its place. This allows referencing definitions instead of defining them inline. Additional properties defined by the JSON Schema specification that are not mentioned here are strictly unsupported. Other than the JSON Schema subset fields, the following fields MAY be used for further schema documentation: This object MAY be extended with Specification Extensions. The OpenAPI Specification allows combining and extending model definitions using the While composition offers model extensibility, it does not imply a hierarchy between the models.
+To support polymorphism, the OpenAPI Specification adds the The xml property allows extra definitions when translating the JSON definition to XML.
+The XML Object contains additional information about the available options. For a simple string to string mapping: For a string to model mapping: When request bodies or response payloads may be one of a number of different schemas, a When using the discriminator, inline schemas will not be considered. The discriminator attribute is legal only when using one of the composite keywords In OAS 3.0, a response payload MAY be described to be exactly one of any number of types: which means the payload MUST, by validation, match exactly one of the schemas described by The expectation now is that a property with name Will indicate that the In scenarios where the value of the discriminator field does not match the schema name or implicit mapping is not possible, an optional Here the discriminator value of When used in conjunction with the In both the For example: a payload like this: will indicate that the will map to A metadata object that allows for more fine-tuned XML model definitions. When using arrays, XML element names are not inferred (for singular/plural forms) and the This object MAY be extended with Specification Extensions. The examples of the XML object definitions are included inside a property definition of a Schema Object with a sample of the XML representation of it. Basic string property: Basic string array property ( In this example, a full model definition is shown. Changing the element names: The external Even when the array is wrapped, if a name is not explicitly defined, the same name will be used both internally and externally: To overcome the naming problem in the example above, the following definition can be used: Affecting both internal and external names: If we change the external element but not the internal ones: Defines a security scheme that can be used by the operations.
+Supported schemes are HTTP authentication, an API key (either as a header or as a query parameter), OAuth2’s common flows (implicit, password, application and access code) as defined in [[!RFC6749]], and OpenID Connect Discovery. This object MAY be extended with Specification Extensions. Allows configuration of the supported OAuth Flows. This object MAY be extended with Specification Extensions. Configuration details for a supported OAuth Flow This object MAY be extended with Specification Extensions. Lists the required security schemes to execute this operation.
+The name used for each property MUST correspond to a security scheme declared in the Security Schemes under the Components Object. Security Requirement Objects that contain multiple schemes require that all schemes MUST be satisfied for a request to be authorized.
+This enables support for scenarios where multiple query parameters or HTTP headers are required to convey security information. When a list of Security Requirement Objects is defined on the Open API object or Operation Object, only one of Security Requirement Objects in the list needs to be satisfied to authorize the request. While the OpenAPI Specification tries to accommodate most use cases, additional data can be added to extend the specification at certain points. The extensions properties are implemented as patterned fields that are always prefixed by The extensions may or may not be supported by the available tooling, but those may be extended as well to add requested support (if tools are internal or open-sourced). Some objects in the OpenAPI Specification MAY be declared and remain empty, or be completely removed, even though they are inherently the core of the API documentation. The reasoning is to allow an additional layer of access control over the documentation.
+While not part of the specification itself, certain libraries MAY choose to allow access to parts of the documentation based on some form of authentication/authorization. Two examples of this: The key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, “SHOULD NOT”, “RECOMMENDED”, “NOT RECOMMENDED”, “MAY”, and “OPTIONAL” in this document are to be interpreted as described in BCP 14 [[!RFC2119]] [[!RFC8174]] when, and only when, they appear in all capitals, as shown here. This document is licensed under The Apache License, Version 2.0. The OpenAPI Specification (OAS) defines a standard, language-agnostic interface to RESTful APIs which allows both humans and computers to discover and understand the capabilities of the service without access to source code, documentation, or through network traffic inspection. When properly defined, a consumer can understand and interact with the remote service with a minimal amount of implementation logic. An OpenAPI definition can then be used by documentation generation tools to display the API, code generation tools to generate servers and clients in various programming languages, testing tools, and many other use cases. A document (or set of documents) that defines or describes an API. An OpenAPI definition uses and conforms to the OpenAPI Specification. Path templating refers to the usage of curly braces ({}) to mark a section of a URL path as replaceable using path parameters. Media type definitions are spread across several resources.
+The media type definitions SHOULD be in compliance with [[!RFC6838]]. Some examples of possible media type definitions: The HTTP Status Codes are used to indicate the status of the executed operation.
+The available status codes are defined by [[!RFC7231]] and registered status codes are listed in the IANA Status Code Registry. The OpenAPI Specification is versioned using Semantic Versioning 2.0.0 (semver) and follows the semver specification. The Subsequent minor version releases of the OpenAPI Specification (incrementing the An OpenAPI document compatible with OAS 3.*.* contains a required An OpenAPI document that conforms to the OpenAPI Specification is itself a JSON object, which may be represented either in JSON or YAML format. For example, if a field has an array value, the JSON array representation will be used: All field names in the specification are case sensitive. The schema exposes two types of fields: Fixed fields, which have a declared name, and Patterned fields, which declare a regex pattern for the field name. Patterned fields MUST have unique names within the containing object. In order to preserve the ability to round-trip between YAML and JSON formats, YAML version 1.2 is RECOMMENDED along with some additional constraints: Note: While APIs may be defined by OpenAPI documents in either YAML or JSON format, the API request and response bodies and other content are not required to be JSON or YAML. An OpenAPI document MAY be made up of a single document or be divided into multiple, connected parts at the discretion of the user. In the latter case, It is RECOMMENDED that the root OpenAPI document be named: Primitive data types in the OAS are based on the types supported by the JSON Schema Specification Wright Draft 00.
+Note that Primitives have an optional modifier property: The formats defined by the OAS are: Throughout the specification Unless specified otherwise, all properties that are URLs MAY be relative references as defined by [[!RFC3986]].
+Relative references are resolved using the URLs defined in the Relative references used in In the following description, if a field is not explicitly REQUIRED or described with a MUST or SHALL, it can be considered OPTIONAL. This is the root document object of the OpenAPI document. This object MAY be extended with Specification Extensions. The object provides metadata about the API.
+The metadata MAY be used by the clients if needed, and MAY be presented in editing or documentation generation tools for convenience. This object MAY be extended with Specification Extensions. Contact information for the exposed API. This object MAY be extended with Specification Extensions. License information for the exposed API. This object MAY be extended with Specification Extensions. An object representing a Server. This object MAY be extended with Specification Extensions. A single server would be described as: The following shows how multiple servers can be described, for example, at the OpenAPI Object’s The following shows how variables can be used for a server configuration: An object representing a Server Variable for server URL template substitution. This object MAY be extended with Specification Extensions. Holds a set of reusable objects for different aspects of the OAS.
+All objects defined within the components object will have no effect on the API unless they are explicitly referenced from properties outside the components object. This object MAY be extended with Specification Extensions. All the fixed fields declared above are objects that MUST use keys that match the regular expression: Field Name Examples: Holds the relative paths to the individual endpoints and their operations.
+The path is appended to the URL from the This object MAY be extended with Specification Extensions. Assuming the following paths, the concrete definition, The following paths are considered identical and invalid: The following may lead to ambiguous resolution: Describes the operations available on a single path.
+A Path Item MAY be empty, due to ACL constraints.
+The path itself is still exposed to the documentation viewer but they will not know which operations and parameters are available. This object MAY be extended with Specification Extensions. Describes a single API operation on a path. This object MAY be extended with Specification Extensions. Allows referencing an external resource for extended documentation. This object MAY be extended with Specification Extensions. Describes a single operation parameter. A unique parameter is defined by a combination of a name and location. There are four possible parameter locations specified by the The rules for serialization of the parameter are specified in one of two ways.
+For simpler scenarios, a For more complex scenarios, the In order to support common ways of serializing simple parameters, a set of Assume a parameter named The following table shows examples of rendering differences for each value. This object MAY be extended with Specification Extensions. A header parameter with an array of 64 bit integer numbers: A path parameter of a string value: An optional query parameter of a string value, allowing multiple values by repeating the query parameter: A free-form query parameter, allowing undefined parameters of a specific type: A complex parameter using Describes a single request body. This object MAY be extended with Specification Extensions. A request body with a referenced model definition. A body parameter that is an array of string values: Each Media Type Object provides schema and examples for the media type identified by its key. This object MAY be extended with Specification Extensions. In contrast with the 2.0 specification, These examples apply to either input payloads of file uploads or response payloads. A In addition, specific media types MAY be specified: To upload multiple files, a To submit content using form url encoding via [[!RFC1866]], the following
+definition may be used: In this example, the contents in the When passing complex objects in the It is common to use When passing in Examples: An A single encoding definition applied to a single schema property. This object MAY be extended with Specification Extensions. A container for the expected responses of an operation.
+The container maps a HTTP response code to the expected response. The documentation is not necessarily expected to cover all possible HTTP response codes because they may not be known in advance.
+However, documentation is expected to cover a successful operation response and any known errors. The The This object MAY be extended with Specification Extensions. A 200 response for a successful operation and a default response for others (implying an error): Describes a single response from an API Operation, including design-time, static
+ This object MAY be extended with Specification Extensions. Response of an array of a complex type: Response with a string type: Plain text response with headers: Response with no return value: A map of possible out-of band callbacks related to the parent operation.
+Each value in the map is a Path Item Object that describes a set of requests that may be initiated by the API provider and the expected responses.
+The key value used to identify the callback object is an expression, evaluated at runtime, that identifies a URL to use for the callback operation. This object MAY be extended with Specification Extensions. The key that identifies the Path Item Object is a runtime expression that can be evaluated in the context of a runtime HTTP request/response to identify the URL to be used for the callback request.
+A simple example might be For example, given the following HTTP request: The following examples show how the various expressions evaluate, assuming the callback operation has a path parameter named The following example shows a callback to the URL specified by the This object MAY be extended with Specification Extensions. In all cases, the example value is expected to be compatible with the type schema
+of its associated value. Tooling implementations MAY choose to
+validate compatibility automatically, and reject the example value(s) if incompatible. The Unlike dynamic links (i.e. links provided in the response payload), the OAS linking mechanism does not require link information in the runtime response. For computing links, and providing instructions to execute them, a runtime expression is used for accessing values in an operation and using them as parameters while invoking the linked operation. This object MAY be extended with Specification Extensions. A linked operation MUST be identified using either an Computing a link from a request operation where the When a runtime expression fails to evaluate, no parameter value is passed to the target operation. Values from the response body can be used to drive a linked operation. Clients follow all links at their discretion.
+Neither permissions, nor the capability to make a successful call to that link, is guaranteed
+solely by the existence of a relationship. As references to or an absolute Note that in the use of Runtime expressions allow defining values based on information that will only be available within the HTTP message in an actual API call.
+This mechanism is used by Link Objects and Callback Objects. The runtime expression is defined by the following ABNF syntax The The table below provides examples of runtime expressions and examples of their use in a value: Runtime expressions preserve the type of the referenced value.
+Expressions can be embedded into string values by surrounding the expression with The Header Object follows the structure of the Parameter Object with the following changes: A simple header of type Adds metadata to a single tag that is used by the Operation Object.
+It is not mandatory to have a Tag Object per tag defined in the Operation Object instances. This object MAY be extended with Specification Extensions. A simple object to allow referencing other components in the specification, internally and externally. The Reference Object is defined by JSON Reference and follows the same structure, behavior and rules. For this specification, reference resolution is accomplished as defined by the JSON Reference specification and not by the JSON Schema specification. This object cannot be extended with additional properties and any properties added SHALL be ignored. The Schema Object allows the definition of input and output data types.
+These types can be objects, but also primitives and arrays.
+This object is an extended subset of the JSON Schema Specification Wright Draft 00. For more information about the properties, see JSON Schema Core and JSON Schema Validation.
+Unless stated otherwise, the property definitions follow the JSON Schema. The following properties are taken directly from the JSON Schema definition and follow the same specifications: The following properties are taken from the JSON Schema definition but their definitions were adjusted to the OpenAPI Specification. Alternatively, any time a Schema Object can be used, a Reference Object can be used in its place. This allows referencing definitions instead of defining them inline. Additional properties defined by the JSON Schema specification that are not mentioned here are strictly unsupported. Other than the JSON Schema subset fields, the following fields MAY be used for further schema documentation: This object MAY be extended with Specification Extensions. The OpenAPI Specification allows combining and extending model definitions using the While composition offers model extensibility, it does not imply a hierarchy between the models.
+To support polymorphism, the OpenAPI Specification adds the The xml property allows extra definitions when translating the JSON definition to XML.
+The XML Object contains additional information about the available options. For a simple string to string mapping: For a string to model mapping: When request bodies or response payloads may be one of a number of different schemas, a When using the discriminator, inline schemas will not be considered. The discriminator attribute is legal only when using one of the composite keywords In OAS 3.0, a response payload MAY be described to be exactly one of any number of types: which means the payload MUST, by validation, match exactly one of the schemas described by The expectation now is that a property with name Will indicate that the In scenarios where the value of the discriminator field does not match the schema name or implicit mapping is not possible, an optional Here the discriminator value of When used in conjunction with the In both the For example: a payload like this: will indicate that the will map to A metadata object that allows for more fine-tuned XML model definitions. When using arrays, XML element names are not inferred (for singular/plural forms) and the This object MAY be extended with Specification Extensions. The examples of the XML object definitions are included inside a property definition of a Schema Object with a sample of the XML representation of it. Basic string property: Basic string array property ( In this example, a full model definition is shown. Changing the element names: The external Even when the array is wrapped, if a name is not explicitly defined, the same name will be used both internally and externally: To overcome the naming problem in the example above, the following definition can be used: Affecting both internal and external names: If we change the external element but not the internal ones: Defines a security scheme that can be used by the operations.
+Supported schemes are HTTP authentication, an API key (either as a header or as a query parameter), OAuth2’s common flows (implicit, password, application and access code) as defined in [[!RFC6749]], and OpenID Connect Discovery. This object MAY be extended with Specification Extensions. Allows configuration of the supported OAuth Flows. This object MAY be extended with Specification Extensions. Configuration details for a supported OAuth Flow This object MAY be extended with Specification Extensions. Lists the required security schemes to execute this operation.
+The name used for each property MUST correspond to a security scheme declared in the Security Schemes under the Components Object. Security Requirement Objects that contain multiple schemes require that all schemes MUST be satisfied for a request to be authorized.
+This enables support for scenarios where multiple query parameters or HTTP headers are required to convey security information. When a list of Security Requirement Objects is defined on the Open API object or Operation Object, only one of Security Requirement Objects in the list needs to be satisfied to authorize the request. While the OpenAPI Specification tries to accommodate most use cases, additional data can be added to extend the specification at certain points. The extensions properties are implemented as patterned fields that are always prefixed by The extensions may or may not be supported by the available tooling, but those may be extended as well to add requested support (if tools are internal or open-sourced). Some objects in the OpenAPI Specification MAY be declared and remain empty, or be completely removed, even though they are inherently the core of the API documentation. The reasoning is to allow an additional layer of access control over the documentation.
+While not part of the specification itself, certain libraries MAY choose to allow access to parts of the documentation based on some form of authentication/authorization. Two examples of this: The key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, “SHOULD NOT”, “RECOMMENDED”, “NOT RECOMMENDED”, “MAY”, and “OPTIONAL” in this document are to be interpreted as described in BCP 14 [[!RFC2119]] [[!RFC8174]] when, and only when, they appear in all capitals, as shown here. This document is licensed under The Apache License, Version 2.0. The OpenAPI Specification (OAS) defines a standard, language-agnostic interface to RESTful APIs which allows both humans and computers to discover and understand the capabilities of the service without access to source code, documentation, or through network traffic inspection. When properly defined, a consumer can understand and interact with the remote service with a minimal amount of implementation logic. An OpenAPI definition can then be used by documentation generation tools to display the API, code generation tools to generate servers and clients in various programming languages, testing tools, and many other use cases. A document (or set of documents) that defines or describes an API. An OpenAPI definition uses and conforms to the OpenAPI Specification. Path templating refers to the usage of curly braces ({}) to mark a section of a URL path as replaceable using path parameters. Media type definitions are spread across several resources.
+The media type definitions SHOULD be in compliance with [[!RFC6838]]. Some examples of possible media type definitions: The HTTP Status Codes are used to indicate the status of the executed operation.
+The available status codes are defined by [[!RFC7231]] and registered status codes are listed in the IANA Status Code Registry. The OpenAPI Specification is versioned using Semantic Versioning 2.0.0 (semver) and follows the semver specification. The Subsequent minor version releases of the OpenAPI Specification (incrementing the An OpenAPI document compatible with OAS 3.*.* contains a required An OpenAPI document that conforms to the OpenAPI Specification is itself a JSON object, which may be represented either in JSON or YAML format. For example, if a field has an array value, the JSON array representation will be used: All field names in the specification are case sensitive.
+This includes all fields that are used as keys in a map, except where explicitly noted that keys are case insensitive. The schema exposes two types of fields: Fixed fields, which have a declared name, and Patterned fields, which declare a regex pattern for the field name. Patterned fields MUST have unique names within the containing object. In order to preserve the ability to round-trip between YAML and JSON formats, YAML version 1.2 is RECOMMENDED along with some additional constraints: Note: While APIs may be defined by OpenAPI documents in either YAML or JSON format, the API request and response bodies and other content are not required to be JSON or YAML. An OpenAPI document MAY be made up of a single document or be divided into multiple, connected parts at the discretion of the user. In the latter case, It is RECOMMENDED that the root OpenAPI document be named: Primitive data types in the OAS are based on the types supported by the JSON Schema Specification Wright Draft 00.
+Note that Primitives have an optional modifier property: The formats defined by the OAS are: Throughout the specification Unless specified otherwise, all properties that are URLs MAY be relative references as defined by [[!RFC3986]].
+Relative references are resolved using the URLs defined in the Relative references used in In the following description, if a field is not explicitly REQUIRED or described with a MUST or SHALL, it can be considered OPTIONAL. This is the root document object of the OpenAPI document. This object MAY be extended with Specification Extensions. The object provides metadata about the API.
+The metadata MAY be used by the clients if needed, and MAY be presented in editing or documentation generation tools for convenience. This object MAY be extended with Specification Extensions. Contact information for the exposed API. This object MAY be extended with Specification Extensions. License information for the exposed API. This object MAY be extended with Specification Extensions. An object representing a Server. This object MAY be extended with Specification Extensions. A single server would be described as: The following shows how multiple servers can be described, for example, at the OpenAPI Object’s The following shows how variables can be used for a server configuration: An object representing a Server Variable for server URL template substitution. This object MAY be extended with Specification Extensions. Holds a set of reusable objects for different aspects of the OAS.
+All objects defined within the components object will have no effect on the API unless they are explicitly referenced from properties outside the components object. This object MAY be extended with Specification Extensions. All the fixed fields declared above are objects that MUST use keys that match the regular expression: Field Name Examples: Holds the relative paths to the individual endpoints and their operations.
+The path is appended to the URL from the This object MAY be extended with Specification Extensions. Assuming the following paths, the concrete definition, The following paths are considered identical and invalid: The following may lead to ambiguous resolution: Describes the operations available on a single path.
+A Path Item MAY be empty, due to ACL constraints.
+The path itself is still exposed to the documentation viewer but they will not know which operations and parameters are available. This object MAY be extended with Specification Extensions. Describes a single API operation on a path. This object MAY be extended with Specification Extensions. Allows referencing an external resource for extended documentation. This object MAY be extended with Specification Extensions. Describes a single operation parameter. A unique parameter is defined by a combination of a name and location. There are four possible parameter locations specified by the The rules for serialization of the parameter are specified in one of two ways.
+For simpler scenarios, a For more complex scenarios, the In order to support common ways of serializing simple parameters, a set of Assume a parameter named The following table shows examples of rendering differences for each value. This object MAY be extended with Specification Extensions. A header parameter with an array of 64 bit integer numbers: A path parameter of a string value: An optional query parameter of a string value, allowing multiple values by repeating the query parameter: A free-form query parameter, allowing undefined parameters of a specific type: A complex parameter using Describes a single request body. This object MAY be extended with Specification Extensions. A request body with a referenced model definition. A body parameter that is an array of string values: Each Media Type Object provides schema and examples for the media type identified by its key. This object MAY be extended with Specification Extensions. In contrast with the 2.0 specification, These examples apply to either input payloads of file uploads or response payloads. A In addition, specific media types MAY be specified: To upload multiple files, a To submit content using form url encoding via [[!RFC1866]], the following
+definition may be used: In this example, the contents in the When passing complex objects in the It is common to use When passing in Examples: An A single encoding definition applied to a single schema property. This object MAY be extended with Specification Extensions. A container for the expected responses of an operation.
+The container maps a HTTP response code to the expected response. The documentation is not necessarily expected to cover all possible HTTP response codes because they may not be known in advance.
+However, documentation is expected to cover a successful operation response and any known errors. The The This object MAY be extended with Specification Extensions. A 200 response for a successful operation and a default response for others (implying an error): Describes a single response from an API Operation, including design-time, static
+ This object MAY be extended with Specification Extensions. Response of an array of a complex type: Response with a string type: Plain text response with headers: Response with no return value: A map of possible out-of band callbacks related to the parent operation.
+Each value in the map is a Path Item Object that describes a set of requests that may be initiated by the API provider and the expected responses.
+The key value used to identify the callback object is an expression, evaluated at runtime, that identifies a URL to use for the callback operation. This object MAY be extended with Specification Extensions. The key that identifies the Path Item Object is a runtime expression that can be evaluated in the context of a runtime HTTP request/response to identify the URL to be used for the callback request.
+A simple example might be For example, given the following HTTP request: The following examples show how the various expressions evaluate, assuming the callback operation has a path parameter named The following example shows a callback to the URL specified by the This object MAY be extended with Specification Extensions. In all cases, the example value is expected to be compatible with the type schema
+of its associated value. Tooling implementations MAY choose to
+validate compatibility automatically, and reject the example value(s) if incompatible. In a model: In a request body: In a parameter: In a response: The Unlike dynamic links (i.e. links provided in the response payload), the OAS linking mechanism does not require link information in the runtime response. For computing links, and providing instructions to execute them, a runtime expression is used for accessing values in an operation and using them as parameters while invoking the linked operation. This object MAY be extended with Specification Extensions. A linked operation MUST be identified using either an Computing a link from a request operation where the When a runtime expression fails to evaluate, no parameter value is passed to the target operation. Values from the response body can be used to drive a linked operation. Clients follow all links at their discretion.
+Neither permissions, nor the capability to make a successful call to that link, is guaranteed
+solely by the existence of a relationship. As references to or an absolute Note that in the use of Runtime expressions allow defining values based on information that will only be available within the HTTP message in an actual API call.
+This mechanism is used by Link Objects and Callback Objects. The runtime expression is defined by the following ABNF syntax The The table below provides examples of runtime expressions and examples of their use in a value: Runtime expressions preserve the type of the referenced value.
+Expressions can be embedded into string values by surrounding the expression with The Header Object follows the structure of the Parameter Object with the following changes: A simple header of type Adds metadata to a single tag that is used by the Operation Object.
+It is not mandatory to have a Tag Object per tag defined in the Operation Object instances. This object MAY be extended with Specification Extensions. A simple object to allow referencing other components in the specification, internally and externally. The Reference Object is defined by JSON Reference and follows the same structure, behavior and rules. For this specification, reference resolution is accomplished as defined by the JSON Reference specification and not by the JSON Schema specification. This object cannot be extended with additional properties and any properties added SHALL be ignored. The Schema Object allows the definition of input and output data types.
+These types can be objects, but also primitives and arrays.
+This object is an extended subset of the JSON Schema Specification Wright Draft 00. For more information about the properties, see JSON Schema Core and JSON Schema Validation.
+Unless stated otherwise, the property definitions follow the JSON Schema. The following properties are taken directly from the JSON Schema definition and follow the same specifications: The following properties are taken from the JSON Schema definition but their definitions were adjusted to the OpenAPI Specification. Alternatively, any time a Schema Object can be used, a Reference Object can be used in its place. This allows referencing definitions instead of defining them inline. Additional properties defined by the JSON Schema specification that are not mentioned here are strictly unsupported. Other than the JSON Schema subset fields, the following fields MAY be used for further schema documentation: This object MAY be extended with Specification Extensions. The OpenAPI Specification allows combining and extending model definitions using the While composition offers model extensibility, it does not imply a hierarchy between the models.
+To support polymorphism, the OpenAPI Specification adds the The xml property allows extra definitions when translating the JSON definition to XML.
+The XML Object contains additional information about the available options. For a simple string to string mapping: For a string to model mapping: When request bodies or response payloads may be one of a number of different schemas, a When using the discriminator, inline schemas will not be considered. The discriminator object is legal only when using one of the composite keywords In OAS 3.0, a response payload MAY be described to be exactly one of any number of types: which means the payload MUST, by validation, match exactly one of the schemas described by The expectation now is that a property with name Will indicate that the In scenarios where the value of the discriminator field does not match the schema name or implicit mapping is not possible, an optional Here the discriminator value of When used in conjunction with the In both the For example: a payload like this: will indicate that the will map to A metadata object that allows for more fine-tuned XML model definitions. When using arrays, XML element names are not inferred (for singular/plural forms) and the This object MAY be extended with Specification Extensions. The examples of the XML object definitions are included inside a property definition of a Schema Object with a sample of the XML representation of it. Basic string property: Basic string array property ( In this example, a full model definition is shown. Changing the element names: The external Even when the array is wrapped, if a name is not explicitly defined, the same name will be used both internally and externally: To overcome the naming problem in the example above, the following definition can be used: Affecting both internal and external names: If we change the external element but not the internal ones: Defines a security scheme that can be used by the operations.
+Supported schemes are HTTP authentication, an API key (either as a header, a cookie parameter or as a query parameter), OAuth2’s common flows (implicit, password, application and access code) as defined in [[!RFC6749]], and OpenID Connect Discovery. This object MAY be extended with Specification Extensions. Allows configuration of the supported OAuth Flows. This object MAY be extended with Specification Extensions. Configuration details for a supported OAuth Flow This object MAY be extended with Specification Extensions. Lists the required security schemes to execute this operation.
+The name used for each property MUST correspond to a security scheme declared in the Security Schemes under the Components Object. Security Requirement Objects that contain multiple schemes require that all schemes MUST be satisfied for a request to be authorized.
+This enables support for scenarios where multiple query parameters or HTTP headers are required to convey security information. When a list of Security Requirement Objects is defined on the OpenAPI Object or Operation Object, only one of the Security Requirement Objects in the list needs to be satisfied to authorize the request. While the OpenAPI Specification tries to accommodate most use cases, additional data can be added to extend the specification at certain points. The extensions properties are implemented as patterned fields that are always prefixed by The extensions may or may not be supported by the available tooling, but those may be extended as well to add requested support (if tools are internal or open-sourced). Some objects in the OpenAPI Specification MAY be declared and remain empty, or be completely removed, even though they are inherently the core of the API documentation. The reasoning is to allow an additional layer of access control over the documentation.
+While not part of the specification itself, certain libraries MAY choose to allow access to parts of the documentation based on some form of authentication/authorization. Two examples of this: The key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, “SHOULD NOT”, “RECOMMENDED”, “NOT RECOMMENDED”, “MAY”, and “OPTIONAL” in this document are to be interpreted as described in BCP 14 [[!RFC2119]] [[!RFC8174]] when, and only when, they appear in all capitals, as shown here. This document is licensed under The Apache License, Version 2.0. The OpenAPI Specification (OAS) defines a standard, language-agnostic interface to RESTful APIs which allows both humans and computers to discover and understand the capabilities of the service without access to source code, documentation, or through network traffic inspection. When properly defined, a consumer can understand and interact with the remote service with a minimal amount of implementation logic. An OpenAPI definition can then be used by documentation generation tools to display the API, code generation tools to generate servers and clients in various programming languages, testing tools, and many other use cases. A document (or set of documents) that defines or describes an API. An OpenAPI definition uses and conforms to the OpenAPI Specification. Path templating refers to the usage of template expressions, delimited by curly braces ({}), to mark a section of a URL path as replaceable using path parameters. Each template expression in the path MUST correspond to a path parameter that is included in the Path Item itself and/or in each of the Path Item’s Operations. Media type definitions are spread across several resources.
+The media type definitions SHOULD be in compliance with [[!RFC6838]]. Some examples of possible media type definitions: The HTTP Status Codes are used to indicate the status of the executed operation.
+The available status codes are defined by [[!RFC7231]] and registered status codes are listed in the IANA Status Code Registry. The OpenAPI Specification is versioned using Semantic Versioning 2.0.0 (semver) and follows the semver specification. The Each new minor version of the OpenAPI Specification SHALL allow any OpenAPI document that is valid against any previous minor version of the Specification, within the same major version, to be updated to the new Specification version with equivalent semantics. Such an update MUST only require changing the For example, a valid OpenAPI 3.0.2 document, upon changing its An OpenAPI document compatible with OAS 3.*.* contains a required An OpenAPI document that conforms to the OpenAPI Specification is itself a JSON object, which may be represented either in JSON or YAML format. For example, if a field has an array value, the JSON array representation will be used: All field names in the specification are case sensitive.
+This includes all fields that are used as keys in a map, except where explicitly noted that keys are case insensitive. The schema exposes two types of fields: Fixed fields, which have a declared name, and Patterned fields, which declare a regex pattern for the field name. Patterned fields MUST have unique names within the containing object. In order to preserve the ability to round-trip between YAML and JSON formats, YAML version 1.2 is RECOMMENDED along with some additional constraints: Note: While APIs may be defined by OpenAPI documents in either YAML or JSON format, the API request and response bodies and other content are not required to be JSON or YAML. An OpenAPI document MAY be made up of a single document or be divided into multiple, connected parts at the discretion of the user. In the latter case, It is RECOMMENDED that the root OpenAPI document be named: Primitive data types in the OAS are based on the types supported by the JSON Schema Specification Wright Draft 00.
+Note that Primitives have an optional modifier property: The formats defined by the OAS are: Throughout the specification Unless specified otherwise, all properties that are URLs MAY be relative references as defined by [[!RFC3986]].
+Relative references are resolved using the URLs defined in the Relative references used in In the following description, if a field is not explicitly REQUIRED or described with a MUST or SHALL, it can be considered OPTIONAL. This is the root document object of the OpenAPI document. This object MAY be extended with Specification Extensions. The object provides metadata about the API.
+The metadata MAY be used by the clients if needed, and MAY be presented in editing or documentation generation tools for convenience. This object MAY be extended with Specification Extensions. Contact information for the exposed API. This object MAY be extended with Specification Extensions. License information for the exposed API. This object MAY be extended with Specification Extensions. An object representing a Server. This object MAY be extended with Specification Extensions. A single server would be described as: The following shows how multiple servers can be described, for example, at the OpenAPI Object’s The following shows how variables can be used for a server configuration: An object representing a Server Variable for server URL template substitution. This object MAY be extended with Specification Extensions. Holds a set of reusable objects for different aspects of the OAS.
+All objects defined within the components object will have no effect on the API unless they are explicitly referenced from properties outside the components object. This object MAY be extended with Specification Extensions. All the fixed fields declared above are objects that MUST use keys that match the regular expression: Field Name Examples: Holds the relative paths to the individual endpoints and their operations.
+The path is appended to the URL from the This object MAY be extended with Specification Extensions. Assuming the following paths, the concrete definition, The following paths are considered identical and invalid: The following may lead to ambiguous resolution: Describes the operations available on a single path.
+A Path Item MAY be empty, due to ACL constraints.
+The path itself is still exposed to the documentation viewer but they will not know which operations and parameters are available. This object MAY be extended with Specification Extensions. Describes a single API operation on a path. This object MAY be extended with Specification Extensions. Allows referencing an external resource for extended documentation. This object MAY be extended with Specification Extensions. Describes a single operation parameter. A unique parameter is defined by a combination of a name and location. There are four possible parameter locations specified by the The rules for serialization of the parameter are specified in one of two ways.
+For simpler scenarios, a For more complex scenarios, the In order to support common ways of serializing simple parameters, a set of Assume a parameter named The following table shows examples of rendering differences for each value. This object MAY be extended with Specification Extensions. A header parameter with an array of 64 bit integer numbers: A path parameter of a string value: An optional query parameter of a string value, allowing multiple values by repeating the query parameter: A free-form query parameter, allowing undefined parameters of a specific type: A complex parameter using Describes a single request body. This object MAY be extended with Specification Extensions. A request body with a referenced model definition. A body parameter that is an array of string values: Each Media Type Object provides schema and examples for the media type identified by its key. This object MAY be extended with Specification Extensions. In contrast with the 2.0 specification, These examples apply to either input payloads of file uploads or response payloads. A In addition, specific media types MAY be specified: To upload multiple files, a To submit content using form url encoding via [[!RFC1866]], the following
+definition may be used: In this example, the contents in the When passing complex objects in the It is common to use When passing in Examples: An A single encoding definition applied to a single schema property. This object MAY be extended with Specification Extensions. A container for the expected responses of an operation.
+The container maps a HTTP response code to the expected response. The documentation is not necessarily expected to cover all possible HTTP response codes because they may not be known in advance.
+However, documentation is expected to cover a successful operation response and any known errors. The The This object MAY be extended with Specification Extensions. A 200 response for a successful operation and a default response for others (implying an error): Describes a single response from an API Operation, including design-time, static
+ This object MAY be extended with Specification Extensions. Response of an array of a complex type: Response with a string type: Plain text response with headers: Response with no return value: A map of possible out-of band callbacks related to the parent operation.
+Each value in the map is a Path Item Object that describes a set of requests that may be initiated by the API provider and the expected responses.
+The key value used to identify the path item object is an expression, evaluated at runtime, that identifies a URL to use for the callback operation. This object MAY be extended with Specification Extensions. The key that identifies the Path Item Object is a runtime expression that can be evaluated in the context of a runtime HTTP request/response to identify the URL to be used for the callback request.
+A simple example might be For example, given the following HTTP request: The following examples show how the various expressions evaluate, assuming the callback operation has a path parameter named The following example uses the user provided The following example shows a callback where the server is hard-coded, but the query string parameters are populated from the This object MAY be extended with Specification Extensions. In all cases, the example value is expected to be compatible with the type schema
+of its associated value. Tooling implementations MAY choose to
+validate compatibility automatically, and reject the example value(s) if incompatible. In a request body: In a parameter: In a response: The Unlike dynamic links (i.e. links provided in the response payload), the OAS linking mechanism does not require link information in the runtime response. For computing links, and providing instructions to execute them, a runtime expression is used for accessing values in an operation and using them as parameters while invoking the linked operation. This object MAY be extended with Specification Extensions. A linked operation MUST be identified using either an Computing a link from a request operation where the When a runtime expression fails to evaluate, no parameter value is passed to the target operation. Values from the response body can be used to drive a linked operation. Clients follow all links at their discretion.
+Neither permissions, nor the capability to make a successful call to that link, is guaranteed
+solely by the existence of a relationship. As references to or an absolute Note that in the use of Runtime expressions allow defining values based on information that will only be available within the HTTP message in an actual API call.
+This mechanism is used by Link Objects and Callback Objects. The runtime expression is defined by the following ABNF syntax Here, The The table below provides examples of runtime expressions and examples of their use in a value: Runtime expressions preserve the type of the referenced value.
+Expressions can be embedded into string values by surrounding the expression with The Header Object follows the structure of the Parameter Object with the following changes: A simple header of type Adds metadata to a single tag that is used by the Operation Object.
+It is not mandatory to have a Tag Object per tag defined in the Operation Object instances. This object MAY be extended with Specification Extensions. A simple object to allow referencing other components in the specification, internally and externally. The Reference Object is defined by JSON Reference and follows the same structure, behavior and rules. For this specification, reference resolution is accomplished as defined by the JSON Reference specification and not by the JSON Schema specification. This object cannot be extended with additional properties and any properties added SHALL be ignored. The Schema Object allows the definition of input and output data types.
+These types can be objects, but also primitives and arrays.
+This object is an extended subset of the JSON Schema Specification Wright Draft 00. For more information about the properties, see JSON Schema Core and JSON Schema Validation.
+Unless stated otherwise, the property definitions follow the JSON Schema. The following properties are taken directly from the JSON Schema definition and follow the same specifications: The following properties are taken from the JSON Schema definition but their definitions were adjusted to the OpenAPI Specification. Alternatively, any time a Schema Object can be used, a Reference Object can be used in its place. This allows referencing definitions instead of defining them inline. Additional properties defined by the JSON Schema specification that are not mentioned here are strictly unsupported. Other than the JSON Schema subset fields, the following fields MAY be used for further schema documentation: This object MAY be extended with Specification Extensions. The OpenAPI Specification allows combining and extending model definitions using the While composition offers model extensibility, it does not imply a hierarchy between the models.
+To support polymorphism, the OpenAPI Specification adds the The xml property allows extra definitions when translating the JSON definition to XML.
+The XML Object contains additional information about the available options. For a simple string to string mapping: For a string to model mapping: When request bodies or response payloads may be one of a number of different schemas, a When using the discriminator, inline schemas will not be considered. The discriminator object is legal only when using one of the composite keywords In OAS 3.0, a response payload MAY be described to be exactly one of any number of types: which means the payload MUST, by validation, match exactly one of the schemas described by The expectation now is that a property with name Will indicate that the In scenarios where the value of the discriminator field does not match the schema name or implicit mapping is not possible, an optional Here the discriminator value of When used in conjunction with the In both the For example: a payload like this: will indicate that the will map to A metadata object that allows for more fine-tuned XML model definitions. When using arrays, XML element names are not inferred (for singular/plural forms) and the This object MAY be extended with Specification Extensions. The examples of the XML object definitions are included inside a property definition of a Schema Object with a sample of the XML representation of it. Basic string property: Basic string array property ( In this example, a full model definition is shown. Changing the element names: The external Even when the array is wrapped, if a name is not explicitly defined, the same name will be used both internally and externally: To overcome the naming problem in the example above, the following definition can be used: Affecting both internal and external names: If we change the external element but not the internal ones: Defines a security scheme that can be used by the operations.
+Supported schemes are HTTP authentication, an API key (either as a header, a cookie parameter or as a query parameter), OAuth2’s common flows (implicit, password, client credentials and authorization code) as defined in [[!RFC6749]], and OpenID Connect Discovery. This object MAY be extended with Specification Extensions. Allows configuration of the supported OAuth Flows. This object MAY be extended with Specification Extensions. Configuration details for a supported OAuth Flow This object MAY be extended with Specification Extensions. Lists the required security schemes to execute this operation.
+The name used for each property MUST correspond to a security scheme declared in the Security Schemes under the Components Object. Security Requirement Objects that contain multiple schemes require that all schemes MUST be satisfied for a request to be authorized.
+This enables support for scenarios where multiple query parameters or HTTP headers are required to convey security information. When a list of Security Requirement Objects is defined on the OpenAPI Object or Operation Object, only one of the Security Requirement Objects in the list needs to be satisfied to authorize the request. Optional OAuth2 security as would be defined in an OpenAPI Object or an Operation Object: While the OpenAPI Specification tries to accommodate most use cases, additional data can be added to extend the specification at certain points. The extensions properties are implemented as patterned fields that are always prefixed by The extensions may or may not be supported by the available tooling, but those may be extended as well to add requested support (if tools are internal or open-sourced). Some objects in the OpenAPI Specification MAY be declared and remain empty, or be completely removed, even though they are inherently the core of the API documentation. The reasoning is to allow an additional layer of access control over the documentation.
+While not part of the specification itself, certain libraries MAY choose to allow access to parts of the documentation based on some form of authentication/authorization. Two examples of this: The key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, “SHOULD NOT”, “RECOMMENDED”, “NOT RECOMMENDED”, “MAY”, and “OPTIONAL” in this document are to be interpreted as described in BCP 14 [[!RFC2119]] [[!RFC8174]] when, and only when, they appear in all capitals, as shown here. This document is licensed under The Apache License, Version 2.0. The OpenAPI Specification (OAS) defines a standard, language-agnostic interface to HTTP APIs which allows both humans and computers to discover and understand the capabilities of the service without access to source code, documentation, or through network traffic inspection. When properly defined, a consumer can understand and interact with the remote service with a minimal amount of implementation logic. An OpenAPI definition can then be used by documentation generation tools to display the API, code generation tools to generate servers and clients in various programming languages, testing tools, and many other use cases. A self-contained or composite resource which defines or describes an API or elements of an API. The OpenAPI document MUST contain at least one paths field, a components field or a webhooks field. An OpenAPI document uses and conforms to the OpenAPI Specification. Path templating refers to the usage of template expressions, delimited by curly braces ({}), to mark a section of a URL path as replaceable using path parameters. Each template expression in the path MUST correspond to a path parameter that is included in the Path Item itself and/or in each of the Path Item’s Operations. An exception is if the path item is empty, for example due to ACL constraints, matching path parameters are not required. The value for these path parameters MUST NOT contain any unescaped “generic syntax” characters described by [[!RFC3986]]: forward slashes ( Media type definitions are spread across several resources.
+The media type definitions SHOULD be in compliance with [[!RFC6838]]. Some examples of possible media type definitions: The HTTP Status Codes are used to indicate the status of the executed operation.
+The available status codes are defined by [[!RFC7231]] and registered status codes are listed in the IANA Status Code Registry. The OpenAPI Specification is versioned using a Occasionally, non-backwards compatible changes may be made in An OpenAPI document compatible with OAS 3.*.* contains a required An OpenAPI document that conforms to the OpenAPI Specification is itself a JSON object, which may be represented either in JSON or YAML format. For example, if a field has an array value, the JSON array representation will be used: All field names in the specification are case sensitive.
+This includes all fields that are used as keys in a map, except where explicitly noted that keys are case insensitive. The schema exposes two types of fields: Fixed fields, which have a declared name, and Patterned fields, which declare a regex pattern for the field name. Patterned fields MUST have unique names within the containing object. In order to preserve the ability to round-trip between YAML and JSON formats, YAML version 1.2 is RECOMMENDED along with some additional constraints: Note: While APIs may be defined by OpenAPI documents in either YAML or JSON format, the API request and response bodies and other content are not required to be JSON or YAML. An OpenAPI document MAY be made up of a single document or be divided into multiple, connected parts at the discretion of the author. In the latter case, It is RECOMMENDED that the root OpenAPI document be named: Data types in the OAS are based on the types supported by the JSON Schema Specification Draft 2020-12.
+Note that As defined by the JSON Schema Validation vocabulary, data types can have an optional modifier property: The formats defined by the OAS are: Throughout the specification Unless specified otherwise, all properties that are URIs MAY be relative references as defined by [[!RFC3986]]. Relative references, including those in If a URI contains a fragment identifier, then the fragment should be resolved per the fragment resolution mechanism of the referenced document. If the representation of the referenced document is JSON or YAML, then the fragment identifier SHOULD be interpreted as a JSON-Pointer as per [[!RFC6901]]. Relative references in Unless specified otherwise, all properties that are URLs MAY be relative references as defined by [[!RFC3986]].
+Unless specified otherwise, relative references are resolved using the URLs defined in the In the following description, if a field is not explicitly REQUIRED or described with a MUST or SHALL, it can be considered OPTIONAL. This is the root object of the OpenAPI document. This object MAY be extended with Specification Extensions. The object provides metadata about the API.
+The metadata MAY be used by the clients if needed, and MAY be presented in editing or documentation generation tools for convenience. This object MAY be extended with Specification Extensions. Contact information for the exposed API. This object MAY be extended with Specification Extensions. License information for the exposed API. This object MAY be extended with Specification Extensions. An object representing a Server. This object MAY be extended with Specification Extensions. A single server would be described as: The following shows how multiple servers can be described, for example, at the OpenAPI Object’s The following shows how variables can be used for a server configuration: An object representing a Server Variable for server URL template substitution. This object MAY be extended with Specification Extensions. Holds a set of reusable objects for different aspects of the OAS.
+All objects defined within the components object will have no effect on the API unless they are explicitly referenced from properties outside the components object. This object MAY be extended with Specification Extensions. All the fixed fields declared above are objects that MUST use keys that match the regular expression: Field Name Examples: Holds the relative paths to the individual endpoints and their operations.
+The path is appended to the URL from the This object MAY be extended with Specification Extensions. Assuming the following paths, the concrete definition, The following paths are considered identical and invalid: The following may lead to ambiguous resolution: Describes the operations available on a single path.
+A Path Item MAY be empty, due to ACL constraints.
+The path itself is still exposed to the documentation viewer but they will not know which operations and parameters are available. This object MAY be extended with Specification Extensions. Describes a single API operation on a path. This object MAY be extended with Specification Extensions. Allows referencing an external resource for extended documentation. This object MAY be extended with Specification Extensions. Describes a single operation parameter. A unique parameter is defined by a combination of a name and location. There are four possible parameter locations specified by the The rules for serialization of the parameter are specified in one of two ways.
+For simpler scenarios, a For more complex scenarios, the In order to support common ways of serializing simple parameters, a set of Assume a parameter named The following table shows examples of rendering differences for each value. This object MAY be extended with Specification Extensions. A header parameter with an array of 64 bit integer numbers: A path parameter of a string value: An optional query parameter of a string value, allowing multiple values by repeating the query parameter: A free-form query parameter, allowing undefined parameters of a specific type: A complex parameter using Describes a single request body. This object MAY be extended with Specification Extensions. A request body with a referenced model definition. A body parameter that is an array of string values: Each Media Type Object provides schema and examples for the media type identified by its key. This object MAY be extended with Specification Extensions. In contrast with the 2.0 specification, In contrast with the 3.0 specification, the JSON Schema also offers a Examples: Content transferred in binary (octet-stream) MAY omit Binary content transferred with base64 encoding: Note that the These examples apply to either input payloads of file uploads or response payloads. A In addition, specific media types MAY be specified: To upload multiple files, a As seen in the section on To submit content using form url encoding via [[!RFC1866]], the following
+definition may be used: In this example, the contents in the When passing complex objects in the It is common to use In a When passing in Per the JSON Schema specification, Examples: An A single encoding definition applied to a single schema property. This object MAY be extended with Specification Extensions. A container for the expected responses of an operation.
+The container maps a HTTP response code to the expected response. The documentation is not necessarily expected to cover all possible HTTP response codes because they may not be known in advance.
+However, documentation is expected to cover a successful operation response and any known errors. The The This object MAY be extended with Specification Extensions. A 200 response for a successful operation and a default response for others (implying an error): Describes a single response from an API Operation, including design-time, static
+ This object MAY be extended with Specification Extensions. Response of an array of a complex type: Response with a string type: Plain text response with headers: Response with no return value: A map of possible out-of band callbacks related to the parent operation.
+Each value in the map is a Path Item Object that describes a set of requests that may be initiated by the API provider and the expected responses.
+The key value used to identify the path item object is an expression, evaluated at runtime, that identifies a URL to use for the callback operation. To describe incoming requests from the API provider independent from another API call, use the This object MAY be extended with Specification Extensions. The key that identifies the Path Item Object is a runtime expression that can be evaluated in the context of a runtime HTTP request/response to identify the URL to be used for the callback request.
+A simple example might be For example, given the following HTTP request: The following examples show how the various expressions evaluate, assuming the callback operation has a path parameter named The following example uses the user provided The following example shows a callback where the server is hard-coded, but the query string parameters are populated from the This object MAY be extended with Specification Extensions. In all cases, the example value is expected to be compatible with the type schema
+of its associated value. Tooling implementations MAY choose to
+validate compatibility automatically, and reject the example value(s) if incompatible. In a request body: In a parameter: In a response: The Unlike dynamic links (i.e. links provided in the response payload), the OAS linking mechanism does not require link information in the runtime response. For computing links, and providing instructions to execute them, a runtime expression is used for accessing values in an operation and using them as parameters while invoking the linked operation. This object MAY be extended with Specification Extensions. A linked operation MUST be identified using either an Computing a link from a request operation where the When a runtime expression fails to evaluate, no parameter value is passed to the target operation. Values from the response body can be used to drive a linked operation. Clients follow all links at their discretion.
+Neither permissions, nor the capability to make a successful call to that link, is guaranteed
+solely by the existence of a relationship. As references to or an absolute Note that in the use of Runtime expressions allow defining values based on information that will only be available within the HTTP message in an actual API call.
+This mechanism is used by Link Objects and Callback Objects. The runtime expression is defined by the following ABNF syntax Here, The The table below provides examples of runtime expressions and examples of their use in a value: Runtime expressions preserve the type of the referenced value.
+Expressions can be embedded into string values by surrounding the expression with The Header Object follows the structure of the Parameter Object with the following changes: A simple header of type Adds metadata to a single tag that is used by the Operation Object.
+It is not mandatory to have a Tag Object per tag defined in the Operation Object instances. This object MAY be extended with Specification Extensions. A simple object to allow referencing other components in the OpenAPI document, internally and externally. The See the rules for resolving Relative References. This object cannot be extended with additional properties and any properties added SHALL be ignored. Note that this restriction on additional properties is a difference between Reference Objects and The Schema Object allows the definition of input and output data types.
+These types can be objects, but also primitives and arrays. This object is a superset of the JSON Schema Specification Draft 2020-12. For more information about the properties, see JSON Schema Core and JSON Schema Validation. Unless stated otherwise, the property definitions follow those of JSON Schema and do not add any additional semantics.
+Where JSON Schema indicates that behavior is defined by the application (e.g. for annotations), OAS also defers the definition of semantics to the application consuming the OpenAPI document. The OpenAPI Schema Object dialect is defined as requiring the OAS base vocabulary, in addition to the vocabularies as specified in the JSON Schema draft 2020-12 general purpose meta-schema. The OpenAPI Schema Object dialect for this version of the specification is identified by the URI The following properties are taken from the JSON Schema specification but their definitions have been extended by the OAS: In addition to the JSON Schema properties comprising the OAS dialect, the Schema Object supports keywords from any other vocabularies, or entirely arbitrary properties. The OpenAPI Specification’s base vocabulary is comprised of the following keywords: This object MAY be extended with Specification Extensions, though as noted, additional properties MAY omit the The OpenAPI Specification allows combining and extending model definitions using the While composition offers model extensibility, it does not imply a hierarchy between the models.
+To support polymorphism, the OpenAPI Specification adds the The xml property allows extra definitions when translating the JSON definition to XML.
+The XML Object contains additional information about the available options. It is important for tooling to be able to determine which dialect or meta-schema any given resource wishes to be processed with: JSON Schema Core, JSON Schema Validation, OpenAPI Schema dialect, or some custom meta-schema. The To allow use of a different default When a Schema Object is referenced from an external resource which is not an OAS document (e.g. a bare JSON Schema resource), then the value of the For a simple string to string mapping: For a string to model mapping: When request bodies or response payloads may be one of a number of different schemas, a When using the discriminator, inline schemas will not be considered. This object MAY be extended with Specification Extensions. The discriminator object is legal only when using one of the composite keywords In OAS 3.0, a response payload MAY be described to be exactly one of any number of types: which means the payload MUST, by validation, match exactly one of the schemas described by The expectation now is that a property with name Will indicate that the In scenarios where the value of the discriminator field does not match the schema name or implicit mapping is not possible, an optional Here the discriminator value of When used in conjunction with the In both the For example: a payload like this: will indicate that the will map to A metadata object that allows for more fine-tuned XML model definitions. When using arrays, XML element names are not inferred (for singular/plural forms) and the This object MAY be extended with Specification Extensions. The examples of the XML object definitions are included inside a property definition of a Schema Object with a sample of the XML representation of it. Basic string property: Basic string array property ( In this example, a full model definition is shown. Changing the element names: The external Even when the array is wrapped, if a name is not explicitly defined, the same name will be used both internally and externally: To overcome the naming problem in the example above, the following definition can be used: Affecting both internal and external names: If we change the external element but not the internal ones: Defines a security scheme that can be used by the operations. Supported schemes are HTTP authentication, an API key (either as a header, a cookie parameter or as a query parameter), mutual TLS (use of a client certificate), OAuth2’s common flows (implicit, password, client credentials and authorization code) as defined in [[!RFC6749]], and OpenID Connect Discovery.
+Please note that as of 2020, the implicit flow is about to be deprecated by OAuth 2.0 Security Best Current Practice. Recommended for most use case is Authorization Code Grant flow with PKCE. This object MAY be extended with Specification Extensions. Allows configuration of the supported OAuth Flows. This object MAY be extended with Specification Extensions. Configuration details for a supported OAuth Flow This object MAY be extended with Specification Extensions. Lists the required security schemes to execute this operation.
+The name used for each property MUST correspond to a security scheme declared in the Security Schemes under the Components Object. Security Requirement Objects that contain multiple schemes require that all schemes MUST be satisfied for a request to be authorized.
+This enables support for scenarios where multiple query parameters or HTTP headers are required to convey security information. When a list of Security Requirement Objects is defined on the OpenAPI Object or Operation Object, only one of the Security Requirement Objects in the list needs to be satisfied to authorize the request. Optional OAuth2 security as would be defined in an OpenAPI Object or an Operation Object: While the OpenAPI Specification tries to accommodate most use cases, additional data can be added to extend the specification at certain points. The extensions properties are implemented as patterned fields that are always prefixed by The extensions may or may not be supported by the available tooling, but those may be extended as well to add requested support (if tools are internal or open-sourced). Some objects in the OpenAPI Specification MAY be declared and remain empty, or be completely removed, even though they are inherently the core of the API documentation. The reasoning is to allow an additional layer of access control over the documentation.
+While not part of the specification itself, certain libraries MAY choose to allow access to parts of the documentation based on some form of authentication/authorization. Two examples of this:${e.l10n.sotd}
+${e.isPreview?t`
+
+`:""}
+${e.subjectPrefix} at the start of your
+ email's subject`:""}.${e.l10n.sotd}
+${e.isPreview?t`
+
+`:""}
+${e.isUnofficial?t`
+ ${e.subjectPrefix} at the start of your email's subject`:""}.${e.subjectPrefix} at the start of your email's subject`:""}.
+ `:""}
+ ${e.isCR?`\n W3C publishes a Candidate Recommendation to indicate that the document is believed to be\n stable and to encourage implementation by the developer community. This Candidate\n Recommendation is expected to advance to Proposed Recommendation no earlier than\n ${e.humanCREnd}.\n `:""}
+ ${e.isPER?t`
+ W3C Advisory Committee Members are invited to
+ send formal review comments on this Proposed
+ Edited Recommendation to the W3C Team until
+ ${e.humanPEREnd}.
+ Members of the Advisory Committee will find the
+ appropriate review form for this document by
+ consulting their list of current
+ WBS questionnaires.
+ `:""}
+ ${e.isPR?t`
+ The W3C Membership and other interested parties are invited to review the document and
+ send comments to
+ ${e.wgPublicList}@w3.org
+ (subscribe,
+ archives)
+ through ${e.humanPREnd}. Advisory Committee Representatives should consult their
+ WBS questionnaires.
+ Note that substantive technical comments were expected during the Candidate Recommendation
+ review period that ended ${e.humanCREnd}.
+ `:""}
+
+ `,n.querySelector("img").src=e.src,n})}),define("w3c/templates/show-people",["exports"],function(e){Object.defineProperty(e,"__esModule",{value:!0}),e.default=((e,t,n=[])=>{const r=hyperHTML,i=[];for(let e=0;e
${e.title}
+ ${e.subtitle?t`
+ ${e.subtitle}
+ `:""}
+ ${e.longStatus}
+
+ ${e.thisVersion?t`
+
+ ${e.alternateFormats?t`
+
+
+ `,n.querySelector("img").src=e.src,n})}),define("oai/templates/show-people",["exports"],function(e){Object.defineProperty(e,"__esModule",{value:!0}),e.default=((e,t,n=[])=>{const r=hyperHTML,i=[];for(let e=0;e
OpenAPI Specification v3.1.0
Status of This Document
The source-of-truth for the specification is the GitHub markdown file referenced above.OpenAPI Specification
+Version 3.1.0
+Introduction
+Definitions
+OpenAPI Document
+Path Templating
+/), question marks (?), or hashes (#).Media Types
+
+
+ text/plain; charset=utf-8
+ application/json
+ application/vnd.github+json
+ application/vnd.github.v3+json
+ application/vnd.github.v3.raw+json
+ application/vnd.github.v3.text+json
+ application/vnd.github.v3.html+json
+ application/vnd.github.v3.full+json
+ application/vnd.github.v3.diff
+ application/vnd.github.v3.patch
+HTTP Status Codes
+Specification
+Versions
+major.minor.patch versioning scheme. The major.minor portion of the version string (for example 3.1) SHALL designate the OAS feature set. .patch versions address errors in, or provide clarifications to, this document, not the feature set. Tooling which supports OAS 3.1 SHOULD be compatible with all OAS 3.1.* versions. The patch version SHOULD NOT be considered by tooling, making no distinction between 3.1.0 and 3.1.1 for example.minor versions of the OAS where impact is believed to be low relative to the benefit provided.openapi field which designates the version of the OAS that it uses.Format
+
+{
+ "field": [ 1, 2, 3 ]
+}
+
+
+Document Structure
+Reference Objects and Schema Object $ref keywords are used.openapi.json or openapi.yaml.Data Types
+integer as a type is also supported and is defined as a JSON number without a fraction or exponent part.
+Models are defined using the Schema Object, which is a superset of JSON Schema Specification Draft 2020-12.format.
+OAS defines additional formats to provide fine detail for primitive data types.
+
+
+
+
+
+
+typeformatComments
+
+
+integerint32signed 32 bits
+
+
+integerint64signed 64 bits (a.k.a long)
+
+
+numberfloat
+
+
+numberdouble
+
+
+
+stringpasswordA hint to UIs to obscure input.
+Rich Text Formatting
+description fields are noted as supporting CommonMark markdown formatting.
+Where OpenAPI tooling renders rich text it MUST support, at a minimum, markdown syntax as described by CommonMark 0.27. Tooling MAY choose to ignore some CommonMark features to address security concerns.Relative References in URIs
+Reference Objects, PathItem Object $ref fields, Link Object operationRef fields and Example Object externalValue fields, are resolved using the referring document as the Base URI according to [[!RFC3986]].Schema Objects, including any that appear as $id values, use the nearest parent $id as a Base URI, as described by JSON Schema Specification Draft 2020-12. If no parent schema contains an $id, then the Base URI MUST be determined according to [[!RFC3986]].Relative References in URLs
+Server Object as a Base URL. Note that these themselves MAY be relative to the referring document.Schema
+OpenAPI Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ openapi
+stringREQUIRED. This string MUST be the version number of the OpenAPI Specification that the OpenAPI document uses. The
+openapi field SHOULD be used by tooling to interpret the OpenAPI document. This is not related to the API info.version string.
+
+ info
+Info Object
+REQUIRED. Provides metadata about the API. The metadata MAY be used by tooling as required.
+
+
+ jsonSchemaDialect
+stringThe default value for the
+$schema keyword within Schema Objects contained within this OAS document. This MUST be in the form of a URI.
+
+ servers
+[Server Object]
+An array of Server Objects, which provide connectivity information to a target server. If the
+servers property is not provided, or is an empty array, the default value would be a Server Object with a url value of /.
+
+ paths
+Paths Object
+The available paths and operations for the API.
+
+
+ webhooks
+Map[
+string, Path Item Object | Reference Object] ]The incoming webhooks that MAY be received as part of this API and that the API consumer MAY choose to implement. Closely related to the
+callbacks feature, this section describes requests initiated other than by an API call, for example by an out of band registration. The key name is a unique string to refer to each webhook, while the (optionally referenced) Path Item Object describes a request that may be initiated by the API provider and the expected responses. An example is available.
+
+ components
+Components Object
+An element to hold various schemas for the document.
+
+
+ security
+[Security Requirement Object]
+A declaration of which security mechanisms can be used across the API. The list of values includes alternative security requirement objects that can be used. Only one of the security requirement objects need to be satisfied to authorize a request. Individual operations can override this definition. To make security optional, an empty security requirement (
+{}) can be included in the array.
+
+ tags
+[Tag Object]
+A list of tags used by the document with additional metadata. The order of the tags can be used to reflect on their order by the parsing tools. Not all tags that are used by the Operation Object must be declared. The tags that are not declared MAY be organized randomly or based on the tools’ logic. Each tag name in the list MUST be unique.
+
+
+
+ externalDocs
+External Documentation Object
+Additional external documentation.
+Info Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ title
+stringREQUIRED. The title of the API.
+
+
+ summary
+stringA short summary of the API.
+
+
+ description
+stringA description of the API. CommonMark syntax MAY be used for rich text representation.
+
+
+ termsOfService
+stringA URL to the Terms of Service for the API. This MUST be in the form of a URL.
+
+
+ contact
+Contact Object
+The contact information for the exposed API.
+
+
+ license
+License Object
+The license information for the exposed API.
+
+
+
+ version
+stringREQUIRED. The version of the OpenAPI document (which is distinct from the OpenAPI Specification version or the API implementation version).
+Info Object Example
+
+{
+ "title": "Sample Pet Store App",
+ "summary": "A pet store manager.",
+ "description": "This is a sample server for a pet store.",
+ "termsOfService": "https://example.com/terms/",
+ "contact": {
+ "name": "API Support",
+ "url": "https://www.example.com/support",
+ "email": "support@example.com"
+ },
+ "license": {
+ "name": "Apache 2.0",
+ "url": "https://www.apache.org/licenses/LICENSE-2.0.html"
+ },
+ "version": "1.0.1"
+}
+
+title: Sample Pet Store App
+summary: A pet store manager.
+description: This is a sample server for a pet store.
+termsOfService: https://example.com/terms/
+contact:
+ name: API Support
+ url: https://www.example.com/support
+ email: support@example.com
+license:
+ name: Apache 2.0
+ url: https://www.apache.org/licenses/LICENSE-2.0.html
+version: 1.0.1
+Contact Object
+Fixed Fields
+Contact Object Example
+
+{
+ "name": "API Support",
+ "url": "https://www.example.com/support",
+ "email": "support@example.com"
+}
+
+name: API Support
+url: https://www.example.com/support
+email: support@example.com
+License Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ name
+stringREQUIRED. The license name used for the API.
+
+
+ identifier
+stringAn SPDX license expression for the API. The
+identifier field is mutually exclusive of the url field.
+
+
+ url
+stringA URL to the license used for the API. This MUST be in the form of a URL. The
+url field is mutually exclusive of the identifier field.License Object Example
+
+{
+ "name": "Apache 2.0",
+ "identifier": "Apache-2.0"
+}
+
+name: Apache 2.0
+identifier: Apache-2.0
+Server Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ url
+stringREQUIRED. A URL to the target host. This URL supports Server Variables and MAY be relative, to indicate that the host location is relative to the location where the OpenAPI document is being served. Variable substitutions will be made when a variable is named in
+{brackets}.
+
+ description
+stringAn optional string describing the host designated by the URL. CommonMark syntax MAY be used for rich text representation.
+
+
+
+ variables
+Map[
+string, Server Variable Object]A map between a variable name and its value. The value is used for substitution in the server’s URL template.
+Server Object Example
+
+{
+ "url": "https://development.gigantic-server.com/v1",
+ "description": "Development server"
+}
+
+url: https://development.gigantic-server.com/v1
+description: Development server
+servers:
+{
+ "servers": [
+ {
+ "url": "https://development.gigantic-server.com/v1",
+ "description": "Development server"
+ },
+ {
+ "url": "https://staging.gigantic-server.com/v1",
+ "description": "Staging server"
+ },
+ {
+ "url": "https://api.gigantic-server.com/v1",
+ "description": "Production server"
+ }
+ ]
+}
+
+servers:
+- url: https://development.gigantic-server.com/v1
+ description: Development server
+- url: https://staging.gigantic-server.com/v1
+ description: Staging server
+- url: https://api.gigantic-server.com/v1
+ description: Production server
+
+{
+ "servers": [
+ {
+ "url": "https://{username}.gigantic-server.com:{port}/{basePath}",
+ "description": "The production API server",
+ "variables": {
+ "username": {
+ "default": "demo",
+ "description": "this value is assigned by the service provider, in this example `gigantic-server.com`"
+ },
+ "port": {
+ "enum": [
+ "8443",
+ "443"
+ ],
+ "default": "8443"
+ },
+ "basePath": {
+ "default": "v2"
+ }
+ }
+ }
+ ]
+}
+
+servers:
+- url: https://{username}.gigantic-server.com:{port}/{basePath}
+ description: The production API server
+ variables:
+ username:
+ # note! no enum here means it is an open value
+ default: demo
+ description: this value is assigned by the service provider, in this example `gigantic-server.com`
+ port:
+ enum:
+ - '8443'
+ - '443'
+ default: '8443'
+ basePath:
+ # open meaning there is the opportunity to use special base paths as assigned by the provider, default is `v2`
+ default: v2
+Server Variable Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ enum
+[
+string]An enumeration of string values to be used if the substitution options are from a limited set. The array MUST NOT be empty.
+
+
+ default
+stringREQUIRED. The default value to use for substitution, which SHALL be sent if an alternate value is not supplied. Note this behavior is different than the Schema Object’s treatment of default values, because in those cases parameter values are optional. If the
+enum is defined, the value MUST exist in the enum’s values.
+
+
+ description
+stringAn optional description for the server variable. CommonMark syntax MAY be used for rich text representation.
+Components Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ schemas
+Map[
+string, Schema Object]An object to hold reusable Schema Objects.
+
+
+ responses
+Map[
+string, Response Object | Reference Object]An object to hold reusable Response Objects.
+
+
+ parameters
+Map[
+string, Parameter Object | Reference Object]An object to hold reusable Parameter Objects.
+
+
+ examples
+Map[
+string, Example Object | Reference Object]An object to hold reusable Example Objects.
+
+
+ requestBodies
+Map[
+string, Request Body Object | Reference Object]An object to hold reusable Request Body Objects.
+
+
+ headers
+Map[
+string, Header Object | Reference Object]An object to hold reusable Header Objects.
+
+
+ securitySchemes
+Map[
+string, Security Scheme Object | Reference Object]An object to hold reusable Security Scheme Objects.
+
+
+ links
+Map[
+string, Link Object | Reference Object]An object to hold reusable Link Objects.
+
+
+ callbacks
+Map[
+string, Callback Object | Reference Object]An object to hold reusable Callback Objects.
+
+
+
+ pathItems
+Map[
+string, Path Item Object | Reference Object]An object to hold reusable Path Item Object.
+^[a-zA-Z0-9\.\-_]+$.
+
+User
+User_1
+User_Name
+user-name
+my.org.User
+Components Object Example
+
+"components": {
+ "schemas": {
+ "GeneralError": {
+ "type": "object",
+ "properties": {
+ "code": {
+ "type": "integer",
+ "format": "int32"
+ },
+ "message": {
+ "type": "string"
+ }
+ }
+ },
+ "Category": {
+ "type": "object",
+ "properties": {
+ "id": {
+ "type": "integer",
+ "format": "int64"
+ },
+ "name": {
+ "type": "string"
+ }
+ }
+ },
+ "Tag": {
+ "type": "object",
+ "properties": {
+ "id": {
+ "type": "integer",
+ "format": "int64"
+ },
+ "name": {
+ "type": "string"
+ }
+ }
+ }
+ },
+ "parameters": {
+ "skipParam": {
+ "name": "skip",
+ "in": "query",
+ "description": "number of items to skip",
+ "required": true,
+ "schema": {
+ "type": "integer",
+ "format": "int32"
+ }
+ },
+ "limitParam": {
+ "name": "limit",
+ "in": "query",
+ "description": "max records to return",
+ "required": true,
+ "schema" : {
+ "type": "integer",
+ "format": "int32"
+ }
+ }
+ },
+ "responses": {
+ "NotFound": {
+ "description": "Entity not found."
+ },
+ "IllegalInput": {
+ "description": "Illegal input for operation."
+ },
+ "GeneralError": {
+ "description": "General Error",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GeneralError"
+ }
+ }
+ }
+ }
+ },
+ "securitySchemes": {
+ "api_key": {
+ "type": "apiKey",
+ "name": "api_key",
+ "in": "header"
+ },
+ "petstore_auth": {
+ "type": "oauth2",
+ "flows": {
+ "implicit": {
+ "authorizationUrl": "https://example.org/api/oauth/dialog",
+ "scopes": {
+ "write:pets": "modify pets in your account",
+ "read:pets": "read your pets"
+ }
+ }
+ }
+ }
+ }
+}
+
+components:
+ schemas:
+ GeneralError:
+ type: object
+ properties:
+ code:
+ type: integer
+ format: int32
+ message:
+ type: string
+ Category:
+ type: object
+ properties:
+ id:
+ type: integer
+ format: int64
+ name:
+ type: string
+ Tag:
+ type: object
+ properties:
+ id:
+ type: integer
+ format: int64
+ name:
+ type: string
+ parameters:
+ skipParam:
+ name: skip
+ in: query
+ description: number of items to skip
+ required: true
+ schema:
+ type: integer
+ format: int32
+ limitParam:
+ name: limit
+ in: query
+ description: max records to return
+ required: true
+ schema:
+ type: integer
+ format: int32
+ responses:
+ NotFound:
+ description: Entity not found.
+ IllegalInput:
+ description: Illegal input for operation.
+ GeneralError:
+ description: General Error
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GeneralError'
+ securitySchemes:
+ api_key:
+ type: apiKey
+ name: api_key
+ in: header
+ petstore_auth:
+ type: oauth2
+ flows:
+ implicit:
+ authorizationUrl: https://example.org/api/oauth/dialog
+ scopes:
+ write:pets: modify pets in your account
+ read:pets: read your pets
+Paths Object
+Server Object in order to construct the full URL. The Paths MAY be empty, due to Access Control List (ACL) constraints.Patterned Fields
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ /{path}
+Path Item Object
+A relative path to an individual endpoint. The field name MUST begin with a forward slash (
+/). The path is appended (no relative URL resolution) to the expanded URL from the Server Object’s url field in order to construct the full URL. Path templating is allowed. When matching URLs, concrete (non-templated) paths would be matched before their templated counterparts. Templated paths with the same hierarchy but different templated names MUST NOT exist as they are identical. In case of ambiguous matching, it’s up to the tooling to decide which one to use.Path Templating Matching
+/pets/mine, will be matched first if used:
+
+ /pets/{petId}
+ /pets/mine
+
+
+ /pets/{petId}
+ /pets/{name}
+
+
+ /{entity}/me
+ /books/{id}
+Paths Object Example
+
+{
+ "/pets": {
+ "get": {
+ "description": "Returns all pets from the system that the user has access to",
+ "responses": {
+ "200": {
+ "description": "A list of pets.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/pet"
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+}
+
+/pets:
+ get:
+ description: Returns all pets from the system that the user has access to
+ responses:
+ '200':
+ description: A list of pets.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/pet'
+Path Item Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ $ref
+stringAllows for a referenced definition of this path item. The referenced structure MUST be in the form of a Path Item Object. In case a Path Item Object field appears both in the defined object and the referenced object, the behavior is undefined. See the rules for resolving Relative References.
+
+
+ summary
+stringAn optional, string summary, intended to apply to all operations in this path.
+
+
+ description
+stringAn optional, string description, intended to apply to all operations in this path. CommonMark syntax MAY be used for rich text representation.
+
+
+ get
+Operation Object
+A definition of a GET operation on this path.
+
+
+ put
+Operation Object
+A definition of a PUT operation on this path.
+
+
+ post
+Operation Object
+A definition of a POST operation on this path.
+
+
+ delete
+Operation Object
+A definition of a DELETE operation on this path.
+
+
+ options
+Operation Object
+A definition of a OPTIONS operation on this path.
+
+
+ head
+Operation Object
+A definition of a HEAD operation on this path.
+
+
+ patch
+Operation Object
+A definition of a PATCH operation on this path.
+
+
+ trace
+Operation Object
+A definition of a TRACE operation on this path.
+
+
+ servers
+[Server Object]
+An alternative
+server array to service all operations in this path.
+
+
+ parameters
+[Parameter Object | Reference Object]
+A list of parameters that are applicable for all the operations described under this path. These parameters can be overridden at the operation level, but cannot be removed there. The list MUST NOT include duplicated parameters. A unique parameter is defined by a combination of a name and location. The list can use the Reference Object to link to parameters that are defined at the OpenAPI Object’s components/parameters.
+Path Item Object Example
+
+{
+ "get": {
+ "description": "Returns pets based on ID",
+ "summary": "Find pets by ID",
+ "operationId": "getPetsById",
+ "responses": {
+ "200": {
+ "description": "pet response",
+ "content": {
+ "*/*": {
+ "schema": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/Pet"
+ }
+ }
+ }
+ }
+ },
+ "default": {
+ "description": "error payload",
+ "content": {
+ "text/html": {
+ "schema": {
+ "$ref": "#/components/schemas/ErrorModel"
+ }
+ }
+ }
+ }
+ }
+ },
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of pet to use",
+ "required": true,
+ "schema": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "style": "simple"
+ }
+ ]
+}
+
+get:
+ description: Returns pets based on ID
+ summary: Find pets by ID
+ operationId: getPetsById
+ responses:
+ '200':
+ description: pet response
+ content:
+ '*/*' :
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/Pet'
+ default:
+ description: error payload
+ content:
+ 'text/html':
+ schema:
+ $ref: '#/components/schemas/ErrorModel'
+parameters:
+- name: id
+ in: path
+ description: ID of pet to use
+ required: true
+ schema:
+ type: array
+ items:
+ type: string
+ style: simple
+Operation Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ tags
+[
+string]A list of tags for API documentation control. Tags can be used for logical grouping of operations by resources or any other qualifier.
+
+
+ summary
+stringA short summary of what the operation does.
+
+
+ description
+stringA verbose explanation of the operation behavior. CommonMark syntax MAY be used for rich text representation.
+
+
+ externalDocs
+External Documentation Object
+Additional external documentation for this operation.
+
+
+ operationId
+stringUnique string used to identify the operation. The id MUST be unique among all operations described in the API. The operationId value is case-sensitive. Tools and libraries MAY use the operationId to uniquely identify an operation, therefore, it is RECOMMENDED to follow common programming naming conventions.
+
+
+ parameters
+[Parameter Object | Reference Object]
+A list of parameters that are applicable for this operation. If a parameter is already defined at the Path Item, the new definition will override it but can never remove it. The list MUST NOT include duplicated parameters. A unique parameter is defined by a combination of a name and location. The list can use the Reference Object to link to parameters that are defined at the OpenAPI Object’s components/parameters.
+
+
+ requestBody
+Request Body Object | Reference Object
+The request body applicable for this operation. The
+requestBody is fully supported in HTTP methods where the HTTP 1.1 specification [[!RFC7231]] has explicitly defined semantics for request bodies. In other cases where the HTTP spec is vague (such as GET, HEAD and DELETE), requestBody is permitted but does not have well-defined semantics and SHOULD be avoided if possible.
+
+ responses
+Responses Object
+The list of possible responses as they are returned from executing this operation.
+
+
+ callbacks
+Map[
+string, Callback Object | Reference Object]A map of possible out-of band callbacks related to the parent operation. The key is a unique identifier for the Callback Object. Each value in the map is a Callback Object that describes a request that may be initiated by the API provider and the expected responses.
+
+
+ deprecated
+booleanDeclares this operation to be deprecated. Consumers SHOULD refrain from usage of the declared operation. Default value is
+false.
+
+ security
+[Security Requirement Object]
+A declaration of which security mechanisms can be used for this operation. The list of values includes alternative security requirement objects that can be used. Only one of the security requirement objects need to be satisfied to authorize a request. To make security optional, an empty security requirement (
+{}) can be included in the array. This definition overrides any declared top-level security. To remove a top-level security declaration, an empty array can be used.
+
+
+ servers
+[Server Object]
+An alternative
+server array to service this operation. If an alternative server object is specified at the Path Item Object or Root level, it will be overridden by this value.Operation Object Example
+
+{
+ "tags": [
+ "pet"
+ ],
+ "summary": "Updates a pet in the store with form data",
+ "operationId": "updatePetWithForm",
+ "parameters": [
+ {
+ "name": "petId",
+ "in": "path",
+ "description": "ID of pet that needs to be updated",
+ "required": true,
+ "schema": {
+ "type": "string"
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "type": "object",
+ "properties": {
+ "name": {
+ "description": "Updated name of the pet",
+ "type": "string"
+ },
+ "status": {
+ "description": "Updated status of the pet",
+ "type": "string"
+ }
+ },
+ "required": ["status"]
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Pet updated.",
+ "content": {
+ "application/json": {},
+ "application/xml": {}
+ }
+ },
+ "405": {
+ "description": "Method Not Allowed",
+ "content": {
+ "application/json": {},
+ "application/xml": {}
+ }
+ }
+ },
+ "security": [
+ {
+ "petstore_auth": [
+ "write:pets",
+ "read:pets"
+ ]
+ }
+ ]
+}
+
+tags:
+- pet
+summary: Updates a pet in the store with form data
+operationId: updatePetWithForm
+parameters:
+- name: petId
+ in: path
+ description: ID of pet that needs to be updated
+ required: true
+ schema:
+ type: string
+requestBody:
+ content:
+ 'application/x-www-form-urlencoded':
+ schema:
+ type: object
+ properties:
+ name:
+ description: Updated name of the pet
+ type: string
+ status:
+ description: Updated status of the pet
+ type: string
+ required:
+ - status
+responses:
+ '200':
+ description: Pet updated.
+ content:
+ 'application/json': {}
+ 'application/xml': {}
+ '405':
+ description: Method Not Allowed
+ content:
+ 'application/json': {}
+ 'application/xml': {}
+security:
+- petstore_auth:
+ - write:pets
+ - read:pets
+External Documentation Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ description
+stringA description of the target documentation. CommonMark syntax MAY be used for rich text representation.
+
+
+
+ url
+stringREQUIRED. The URL for the target documentation. This MUST be in the form of a URL.
+External Documentation Object Example
+
+{
+ "description": "Find more info here",
+ "url": "https://example.com"
+}
+
+description: Find more info here
+url: https://example.com
+Parameter Object
+Parameter Locations
+in field:
+
+/items/{itemId}, the path parameter is itemId./items?id=###, the query parameter is id.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ name
+stringREQUIRED. The name of the parameter. Parameter names are case sensitive.
+in is "path", the name field MUST correspond to a template expression occurring within the path field in the Paths Object. See Path Templating for further information.in is "header" and the name field is "Accept", "Content-Type" or "Authorization", the parameter definition SHALL be ignored.name corresponds to the parameter name used by the in property.
+
+ in
+stringREQUIRED. The location of the parameter. Possible values are
+"query", "header", "path" or "cookie".
+
+ description
+stringA brief description of the parameter. This could contain examples of use. CommonMark syntax MAY be used for rich text representation.
+
+
+ required
+booleanDetermines whether this parameter is mandatory. If the parameter location is
+"path", this property is REQUIRED and its value MUST be true. Otherwise, the property MAY be included and its default value is false.
+
+ deprecated
+booleanSpecifies that a parameter is deprecated and SHOULD be transitioned out of usage. Default value is
+false.
+
+
+ allowEmptyValue
+booleanSets the ability to pass empty-valued parameters. This is valid only for
+query parameters and allows sending a parameter with an empty value. Default value is false. If style is used, and if behavior is n/a (cannot be serialized), the value of allowEmptyValue SHALL be ignored. Use of this property is NOT RECOMMENDED, as it is likely to be removed in a later revision.schema and style can describe the structure and syntax of the parameter.
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ style
+stringDescribes how the parameter value will be serialized depending on the type of the parameter value. Default values (based on value of
+in): for query - form; for path - simple; for header - simple; for cookie - form.
+
+ explode
+booleanWhen this is true, parameter values of type
+array or object generate separate parameters for each value of the array or key-value pair of the map. For other types of parameters this property has no effect. When style is form, the default value is true. For all other styles, the default value is false.
+
+ allowReserved
+booleanDetermines whether the parameter value SHOULD allow reserved characters, as defined by [[!RFC3986]]
+:/?#[]@!$&'()*+,;= to be included without percent-encoding. This property only applies to parameters with an in value of query. The default value is false.
+
+ schema
+Schema Object
+The schema defining the type used for the parameter.
+
+
+ example
+Any
+Example of the parameter’s potential value. The example SHOULD match the specified schema and encoding properties if present. The
+example field is mutually exclusive of the examples field. Furthermore, if referencing a schema that contains an example, the example value SHALL override the example provided by the schema. To represent examples of media types that cannot naturally be represented in JSON or YAML, a string value can contain the example with escaping where necessary.
+
+
+ examples
+Map[
+string, Example Object | Reference Object]Examples of the parameter’s potential value. Each example SHOULD contain a value in the correct format as specified in the parameter encoding. The
+examples field is mutually exclusive of the example field. Furthermore, if referencing a schema that contains an example, the examples value SHALL override the example provided by the schema.content property can define the media type and schema of the parameter.
+A parameter MUST contain either a schema property, or a content property, but not both.
+When example or examples are provided in conjunction with the schema object, the example MUST follow the prescribed serialization strategy for the parameter.
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+
+ content
+Map[
+string, Media Type Object]A map containing the representations for the parameter. The key is the media type and the value describes it. The map MUST only contain one entry.
+Style Values
+style values are defined.
+
+
+
+
+
+
+styletypeinComments
+
+
+matrix
+primitive, array, objectpathPath-style parameters defined by [[!RFC6570]]
+
+
+label
+primitive, array, objectpathLabel style parameters defined by [[!RFC6570]]
+
+
+form
+primitive, array, objectquery, cookieForm style parameters defined by [[!RFC6570]]. This option replaces
+collectionFormat with a csv (when explode is false) or multi (when explode is true) value from OpenAPI 2.0.
+
+simple
+arraypath, headerSimple style parameters defined by [[!RFC6570]]. This option replaces
+collectionFormat with a csv value from OpenAPI 2.0.
+
+spaceDelimited
+array, objectquerySpace separated array or object values. This option replaces
+collectionFormat equal to ssv from OpenAPI 2.0.
+
+pipeDelimited
+array, objectqueryPipe separated array or object values. This option replaces
+collectionFormat equal to pipes from OpenAPI 2.0.
+
+
+deepObject
+objectqueryProvides a simple way of rendering nested objects using form parameters.
+Style Examples
+color has one of the following values:
+
+ string -> "blue"
+ array -> ["blue","black","brown"]
+ object -> { "R": 100, "G": 200, "B": 150 }
+
+
+
+
+
+
+
+styleexplodeemptystringarrayobject
+
+matrix
+false
+;color
+;color=blue
+;color=blue,black,brown
+;color=R,100,G,200,B,150
+
+
+matrix
+true
+;color
+;color=blue
+;color=blue;color=black;color=brown
+;R=100;G=200;B=150
+
+
+label
+false
+.
+.blue
+.blue.black.brown
+.R.100.G.200.B.150
+
+
+label
+true
+.
+.blue
+.blue.black.brown
+.R=100.G=200.B=150
+
+
+form
+false
+color=
+color=blue
+color=blue,black,brown
+color=R,100,G,200,B,150
+
+
+form
+true
+color=
+color=blue
+color=blue&color=black&color=brown
+R=100&G=200&B=150
+
+
+simple
+false
+n/a
+blue
+blue,black,brown
+R,100,G,200,B,150
+
+
+simple
+true
+n/a
+blue
+blue,black,brown
+R=100,G=200,B=150
+
+
+spaceDelimited
+false
+n/a
+n/a
+blue%20black%20brown
+R%20100%20G%20200%20B%20150
+
+
+pipeDelimited
+false
+n/a
+n/a
+blue|black|brown
+R|100|G|200|B|150
+
+
+
+deepObject
+true
+n/a
+n/a
+n/a
+color[R]=100&color[G]=200&color[B]=150
+Parameter Object Examples
+
+{
+ "name": "token",
+ "in": "header",
+ "description": "token to be passed as a header",
+ "required": true,
+ "schema": {
+ "type": "array",
+ "items": {
+ "type": "integer",
+ "format": "int64"
+ }
+ },
+ "style": "simple"
+}
+
+name: token
+in: header
+description: token to be passed as a header
+required: true
+schema:
+ type: array
+ items:
+ type: integer
+ format: int64
+style: simple
+
+{
+ "name": "username",
+ "in": "path",
+ "description": "username to fetch",
+ "required": true,
+ "schema": {
+ "type": "string"
+ }
+}
+
+name: username
+in: path
+description: username to fetch
+required: true
+schema:
+ type: string
+
+{
+ "name": "id",
+ "in": "query",
+ "description": "ID of the object to fetch",
+ "required": false,
+ "schema": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "style": "form",
+ "explode": true
+}
+
+name: id
+in: query
+description: ID of the object to fetch
+required: false
+schema:
+ type: array
+ items:
+ type: string
+style: form
+explode: true
+
+{
+ "in": "query",
+ "name": "freeForm",
+ "schema": {
+ "type": "object",
+ "additionalProperties": {
+ "type": "integer"
+ },
+ },
+ "style": "form"
+}
+
+in: query
+name: freeForm
+schema:
+ type: object
+ additionalProperties:
+ type: integer
+style: form
+content to define serialization:
+{
+ "in": "query",
+ "name": "coordinates",
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "object",
+ "required": [
+ "lat",
+ "long"
+ ],
+ "properties": {
+ "lat": {
+ "type": "number"
+ },
+ "long": {
+ "type": "number"
+ }
+ }
+ }
+ }
+ }
+}
+
+in: query
+name: coordinates
+content:
+ application/json:
+ schema:
+ type: object
+ required:
+ - lat
+ - long
+ properties:
+ lat:
+ type: number
+ long:
+ type: number
+Request Body Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ description
+stringA brief description of the request body. This could contain examples of use. CommonMark syntax MAY be used for rich text representation.
+
+
+ content
+Map[
+string, Media Type Object]REQUIRED. The content of the request body. The key is a media type or media type range and the value describes it. For requests that match multiple keys, only the most specific key is applicable. e.g. text/plain overrides text/*
+
+
+
+ required
+booleanDetermines if the request body is required in the request. Defaults to
+false.Request Body Examples
+
+{
+ "description": "user to add to the system",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/User"
+ },
+ "examples": {
+ "user" : {
+ "summary": "User Example",
+ "externalValue": "https://foo.bar/examples/user-example.json"
+ }
+ }
+ },
+ "application/xml": {
+ "schema": {
+ "$ref": "#/components/schemas/User"
+ },
+ "examples": {
+ "user" : {
+ "summary": "User example in XML",
+ "externalValue": "https://foo.bar/examples/user-example.xml"
+ }
+ }
+ },
+ "text/plain": {
+ "examples": {
+ "user" : {
+ "summary": "User example in Plain text",
+ "externalValue": "https://foo.bar/examples/user-example.txt"
+ }
+ }
+ },
+ "*/*": {
+ "examples": {
+ "user" : {
+ "summary": "User example in other format",
+ "externalValue": "https://foo.bar/examples/user-example.whatever"
+ }
+ }
+ }
+ }
+}
+
+description: user to add to the system
+content:
+ 'application/json':
+ schema:
+ $ref: '#/components/schemas/User'
+ examples:
+ user:
+ summary: User Example
+ externalValue: 'https://foo.bar/examples/user-example.json'
+ 'application/xml':
+ schema:
+ $ref: '#/components/schemas/User'
+ examples:
+ user:
+ summary: User example in XML
+ externalValue: 'https://foo.bar/examples/user-example.xml'
+ 'text/plain':
+ examples:
+ user:
+ summary: User example in Plain text
+ externalValue: 'https://foo.bar/examples/user-example.txt'
+ '*/*':
+ examples:
+ user:
+ summary: User example in other format
+ externalValue: 'https://foo.bar/examples/user-example.whatever'
+
+{
+ "description": "user to add to the system",
+ "required": true,
+ "content": {
+ "text/plain": {
+ "schema": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ }
+ }
+ }
+}
+
+description: user to add to the system
+required: true
+content:
+ text/plain:
+ schema:
+ type: array
+ items:
+ type: string
+Media Type Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ schema
+Schema Object
+The schema defining the content of the request, response, or parameter.
+
+
+ example
+Any
+Example of the media type. The example object SHOULD be in the correct format as specified by the media type. The
+example field is mutually exclusive of the examples field. Furthermore, if referencing a schema which contains an example, the example value SHALL override the example provided by the schema.
+
+ examples
+Map[
+string, Example Object | Reference Object]Examples of the media type. Each example object SHOULD match the media type and specified schema if present. The
+examples field is mutually exclusive of the example field. Furthermore, if referencing a schema which contains an example, the examples value SHALL override the example provided by the schema.
+
+
+ encoding
+Map[
+string, Encoding Object]A map between a property name and its encoding information. The key, being the property name, MUST exist in the schema as a property. The encoding object SHALL only apply to
+requestBody objects when the media type is multipart or application/x-www-form-urlencoded.Media Type Examples
+
+{
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/Pet"
+ },
+ "examples": {
+ "cat" : {
+ "summary": "An example of a cat",
+ "value":
+ {
+ "name": "Fluffy",
+ "petType": "Cat",
+ "color": "White",
+ "gender": "male",
+ "breed": "Persian"
+ }
+ },
+ "dog": {
+ "summary": "An example of a dog with a cat's name",
+ "value" : {
+ "name": "Puma",
+ "petType": "Dog",
+ "color": "Black",
+ "gender": "Female",
+ "breed": "Mixed"
+ },
+ "frog": {
+ "$ref": "#/components/examples/frog-example"
+ }
+ }
+ }
+ }
+}
+
+application/json:
+ schema:
+ $ref: "#/components/schemas/Pet"
+ examples:
+ cat:
+ summary: An example of a cat
+ value:
+ name: Fluffy
+ petType: Cat
+ color: White
+ gender: male
+ breed: Persian
+ dog:
+ summary: An example of a dog with a cat's name
+ value:
+ name: Puma
+ petType: Dog
+ color: Black
+ gender: Female
+ breed: Mixed
+ frog:
+ $ref: "#/components/examples/frog-example"
+Considerations for File Uploads
+file input/output content in OpenAPI is described with the same semantics as any other schema type.format keyword has no effect on the content-encoding of the schema. JSON Schema offers a contentEncoding keyword, which may be used to specify the Content-Encoding for the schema. The contentEncoding keyword supports all encodings defined in [[!RFC4648]], including “base64” and “base64url”, as well as “quoted-printable” from [[!RFC2045]]. The encoding specified by the contentEncoding keyword is independent of an encoding specified by the Content-Type header in the request or response or metadata of a multipart body – when both are present, the encoding specified in the contentEncoding is applied first and then the encoding specified in the Content-Type header.contentMediaType keyword. However, when the media type is already specified by the Media Type Object’s key, or by the contentType field of an Encoding Object, the contentMediaType keyword SHALL be ignored if present.schema:
+# a PNG image as a binary file:
+content:
+ image/png: {}
+
+# an arbitrary binary file:
+content:
+ application/octet-stream: {}
+
+content:
+ image/png:
+ schema:
+ type: string
+ contentMediaType: image/png
+ contentEncoding: base64
+Content-Type remains image/png, describing the semantics of the payload. The JSON Schema type and contentEncoding fields explain that the payload is transferred as text. The JSON Schema contentMediaType is technically redundant, but can be used by JSON Schema tools that may not be aware of the OpenAPI context.requestBody for submitting a file in a POST operation may look like the following example:
+requestBody:
+ content:
+ application/octet-stream: {}
+
+# multiple, specific media types may be specified:
+requestBody:
+ content:
+ # a binary file of type png or jpeg
+ image/jpeg: {}
+ image/png: {}
+multipart media type MUST be used:
+requestBody:
+ content:
+ multipart/form-data:
+ schema:
+ properties:
+ # The property name 'file' will be used for all files.
+ file:
+ type: array
+ items: {}
+multipart/form-data below, the empty schema for items indicates a media type of application/octet-stream.Support for x-www-form-urlencoded Request Bodies
+
+requestBody:
+ content:
+ application/x-www-form-urlencoded:
+ schema:
+ type: object
+ properties:
+ id:
+ type: string
+ format: uuid
+ address:
+ # complex types are stringified to support RFC 1866
+ type: object
+ properties: {}
+requestBody MUST be stringified per [[!RFC1866]] when passed to the server. In addition, the address field complex object will be stringified.application/x-www-form-urlencoded content type, the default serialization strategy of such properties is described in the Encoding Object’s style property as form.Special Considerations for
+multipart Contentmultipart/form-data as a Content-Type when transferring request bodies to operations. In contrast to 2.0, a schema is REQUIRED to define the input parameters to the operation when using multipart content. This supports complex structures as well as supporting mechanisms for multiple file uploads.multipart/form-data request body, each schema property, or each element of a schema array property, takes a section in the payload with an internal header as defined by [[!RFC7578]]. The serialization strategy for each property of a multipart/form-data request body can be specified in an associated Encoding Object.multipart types, boundaries MAY be used to separate sections of the content being transferred – thus, the following default Content-Types are defined for multipart:
+
+text/plainapplication/jsontype: string with a contentEncoding, the default Content-Type is application/octet-streamcontentMediaType without contentEncoding present is treated as if contentEncoding: identity were present. While useful for embedding text documents such as text/html into JSON strings, it is not useful for a multipart/form-data part, as it just causes the document to be treated as text/plain instead of its actual media type. Use the Encoding Object without contentMediaType if no contentEncoding is required.
+requestBody:
+ content:
+ multipart/form-data:
+ schema:
+ type: object
+ properties:
+ id:
+ type: string
+ format: uuid
+ address:
+ # default Content-Type for objects is `application/json`
+ type: object
+ properties: {}
+ profileImage:
+ # Content-Type for application-level encoded resource is `text/plain`
+ type: string
+ contentMediaType: image/png
+ contentEncoding: base64
+ children:
+ # default Content-Type for arrays is based on the _inner_ type (`text/plain` here)
+ type: array
+ items:
+ type: string
+ addresses:
+ # default Content-Type for arrays is based on the _inner_ type (object shown, so `application/json` in this example)
+ type: array
+ items:
+ type: object
+ $ref: '#/components/schemas/Address'
+encoding attribute is introduced to give you control over the serialization of parts of multipart request bodies. This attribute is only applicable to multipart and application/x-www-form-urlencoded request bodies.Encoding Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ contentType
+stringThe Content-Type for encoding a specific property. Default value depends on the property type: for
+object - application/json; for array – the default is defined based on the inner type; for all other cases the default is application/octet-stream. The value can be a specific media type (e.g. application/json), a wildcard media type (e.g. image/*), or a comma-separated list of the two types.
+
+ headers
+Map[
+string, Header Object | Reference Object]A map allowing additional information to be provided as headers, for example
+Content-Disposition. Content-Type is described separately and SHALL be ignored in this section. This property SHALL be ignored if the request body media type is not a multipart.
+
+ style
+stringDescribes how a specific property value will be serialized depending on its type. See Parameter Object for details on the
+style property. The behavior follows the same values as query parameters, including default values. This property SHALL be ignored if the request body media type is not application/x-www-form-urlencoded or multipart/form-data. If a value is explicitly defined, then the value of contentType (implicit or explicit) SHALL be ignored.
+
+ explode
+booleanWhen this is true, property values of type
+array or object generate separate parameters for each value of the array, or key-value-pair of the map. For other types of properties this property has no effect. When style is form, the default value is true. For all other styles, the default value is false. This property SHALL be ignored if the request body media type is not application/x-www-form-urlencoded or multipart/form-data. If a value is explicitly defined, then the value of contentType (implicit or explicit) SHALL be ignored.
+
+
+ allowReserved
+booleanDetermines whether the parameter value SHOULD allow reserved characters, as defined by [[!RFC3986]]
+:/?#[]@!$&'()*+,;= to be included without percent-encoding. The default value is false. This property SHALL be ignored if the request body media type is not application/x-www-form-urlencoded or multipart/form-data. If a value is explicitly defined, then the value of contentType (implicit or explicit) SHALL be ignored.Encoding Object Example
+
+requestBody:
+ content:
+ multipart/form-data:
+ schema:
+ type: object
+ properties:
+ id:
+ # default is text/plain
+ type: string
+ format: uuid
+ address:
+ # default is application/json
+ type: object
+ properties: {}
+ historyMetadata:
+ # need to declare XML format!
+ description: metadata in XML format
+ type: object
+ properties: {}
+ profileImage: {}
+ encoding:
+ historyMetadata:
+ # require XML Content-Type in utf-8 encoding
+ contentType: application/xml; charset=utf-8
+ profileImage:
+ # only accept png/jpeg
+ contentType: image/png, image/jpeg
+ headers:
+ X-Rate-Limit-Limit:
+ description: The number of allowed requests in the current period
+ schema:
+ type: integer
+Responses Object
+default MAY be used as a default response object for all HTTP codes
+that are not covered individually by the Responses Object.Responses Object MUST contain at least one response code, and if only one
+response code is provided it SHOULD be the response for a successful operation
+call.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+
+ default
+Response Object | Reference Object
+The documentation of responses other than the ones declared for specific HTTP response codes. Use this field to cover undeclared responses.
+Patterned Fields
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ HTTP Status Code
+Response Object | Reference Object
+Any HTTP status code can be used as the property name, but only one property per code, to describe the expected response for that HTTP status code. This field MUST be enclosed in quotation marks (for example, “200”) for compatibility between JSON and YAML. To define a range of response codes, this field MAY contain the uppercase wildcard character
+X. For example, 2XX represents all response codes between [200-299]. Only the following range definitions are allowed: 1XX, 2XX, 3XX, 4XX, and 5XX. If a response is defined using an explicit code, the explicit code definition takes precedence over the range definition for that code.Responses Object Example
+
+{
+ "200": {
+ "description": "a pet to be returned",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/Pet"
+ }
+ }
+ }
+ },
+ "default": {
+ "description": "Unexpected error",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ErrorModel"
+ }
+ }
+ }
+ }
+}
+
+'200':
+ description: a pet to be returned
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Pet'
+default:
+ description: Unexpected error
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ErrorModel'
+Response Object
+links to operations based on the response.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ description
+stringREQUIRED. A description of the response. CommonMark syntax MAY be used for rich text representation.
+
+
+ headers
+Map[
+string, Header Object | Reference Object]Maps a header name to its definition. [[!RFC7230]] states header names are case insensitive. If a response header is defined with the name
+"Content-Type", it SHALL be ignored.
+
+ content
+Map[
+string, Media Type Object]A map containing descriptions of potential response payloads. The key is a media type or media type range and the value describes it. For responses that match multiple keys, only the most specific key is applicable. e.g. text/plain overrides text/*
+
+
+
+ links
+Map[
+string, Link Object | Reference Object]A map of operations links that can be followed from the response. The key of the map is a short name for the link, following the naming constraints of the names for Component Objects.
+Response Object Examples
+
+{
+ "description": "A complex object array response",
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/VeryComplexType"
+ }
+ }
+ }
+ }
+}
+
+description: A complex object array response
+content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/VeryComplexType'
+
+{
+ "description": "A simple string response",
+ "content": {
+ "text/plain": {
+ "schema": {
+ "type": "string"
+ }
+ }
+ }
+
+}
+
+description: A simple string response
+content:
+ text/plain:
+ schema:
+ type: string
+
+{
+ "description": "A simple string response",
+ "content": {
+ "text/plain": {
+ "schema": {
+ "type": "string",
+ "example": "whoa!"
+ }
+ }
+ },
+ "headers": {
+ "X-Rate-Limit-Limit": {
+ "description": "The number of allowed requests in the current period",
+ "schema": {
+ "type": "integer"
+ }
+ },
+ "X-Rate-Limit-Remaining": {
+ "description": "The number of remaining requests in the current period",
+ "schema": {
+ "type": "integer"
+ }
+ },
+ "X-Rate-Limit-Reset": {
+ "description": "The number of seconds left in the current period",
+ "schema": {
+ "type": "integer"
+ }
+ }
+ }
+}
+
+description: A simple string response
+content:
+ text/plain:
+ schema:
+ type: string
+ example: 'whoa!'
+headers:
+ X-Rate-Limit-Limit:
+ description: The number of allowed requests in the current period
+ schema:
+ type: integer
+ X-Rate-Limit-Remaining:
+ description: The number of remaining requests in the current period
+ schema:
+ type: integer
+ X-Rate-Limit-Reset:
+ description: The number of seconds left in the current period
+ schema:
+ type: integer
+
+{
+ "description": "object created"
+}
+
+description: object created
+Callback Object
+webhooks field.Patterned Fields
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ {expression}
+Path Item Object | Reference Object
+A Path Item Object, or a reference to one, used to define a callback request and expected responses. A complete example is available.
+Key Expression
+$request.body#/url.
+However, using a runtime expression the complete HTTP message can be accessed.
+This includes accessing any part of a body that a JSON Pointer [[!RFC6901]] can reference.
+POST /subscribe/myevent?queryUrl=https://clientdomain.com/stillrunning HTTP/1.1
+Host: example.org
+Content-Type: application/json
+Content-Length: 187
+
+{
+ "failedUrl" : "https://clientdomain.com/failed",
+ "successUrls" : [
+ "https://clientdomain.com/fast",
+ "https://clientdomain.com/medium",
+ "https://clientdomain.com/slow"
+ ]
+}
+
+201 Created
+Location: https://example.org/subscription/1
+eventType and a query parameter named queryUrl.
+
+
+
+
+
+
+Expression
+Value
+
+
+$url
+https://example.org/subscribe/myevent?queryUrl=https://clientdomain.com/stillrunning
+
+
+$method
+POST
+
+
+$request.path.eventType
+myevent
+
+
+$request.query.queryUrl
+https://clientdomain.com/stillrunning
+
+
+$request.header.content-Type
+application/json
+
+
+$request.body#/failedUrl
+https://clientdomain.com/failed
+
+
+$request.body#/successUrls/2
+https://clientdomain.com/medium
+
+
+
+$response.header.Location
+https://example.org/subscription/1
+Callback Object Examples
+queryUrl query string parameter to define the callback URL. This is an example of how to use a callback object to describe a WebHook callback that goes with the subscription operation to enable registering for the WebHook.
+myCallback:
+ '{$request.query.queryUrl}':
+ post:
+ requestBody:
+ description: Callback payload
+ content:
+ 'application/json':
+ schema:
+ $ref: '#/components/schemas/SomePayload'
+ responses:
+ '200':
+ description: callback successfully processed
+id and email property in the request body.
+transactionCallback:
+ 'http://notificationServer.com?transactionId={$request.body#/id}&email={$request.body#/email}':
+ post:
+ requestBody:
+ description: Callback payload
+ content:
+ 'application/json':
+ schema:
+ $ref: '#/components/schemas/SomePayload'
+ responses:
+ '200':
+ description: callback successfully processed
+Example Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ summary
+stringShort description for the example.
+
+
+ description
+stringLong description for the example. CommonMark syntax MAY be used for rich text representation.
+
+
+ value
+Any
+Embedded literal example. The
+value field and externalValue field are mutually exclusive. To represent examples of media types that cannot naturally represented in JSON or YAML, use a string value to contain the example, escaping where necessary.
+
+
+ externalValue
+stringA URI that points to the literal example. This provides the capability to reference examples that cannot easily be included in JSON or YAML documents. The
+value field and externalValue field are mutually exclusive. See the rules for resolving Relative References.Example Object Examples
+
+requestBody:
+ content:
+ 'application/json':
+ schema:
+ $ref: '#/components/schemas/Address'
+ examples:
+ foo:
+ summary: A foo example
+ value: {"foo": "bar"}
+ bar:
+ summary: A bar example
+ value: {"bar": "baz"}
+ 'application/xml':
+ examples:
+ xmlExample:
+ summary: This is an example in XML
+ externalValue: 'https://example.org/examples/address-example.xml'
+ 'text/plain':
+ examples:
+ textExample:
+ summary: This is a text example
+ externalValue: 'https://foo.bar/examples/address-example.txt'
+
+parameters:
+ - name: 'zipCode'
+ in: 'query'
+ schema:
+ type: 'string'
+ format: 'zip-code'
+ examples:
+ zip-example:
+ $ref: '#/components/examples/zip-example'
+
+responses:
+ '200':
+ description: your car appointment has been booked
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SuccessResponse'
+ examples:
+ confirmation-success:
+ $ref: '#/components/examples/confirmation-success'
+Link Object
+Link object represents a possible design-time link for a response.
+The presence of a link does not guarantee the caller’s ability to successfully invoke it, rather it provides a known relationship and traversal mechanism between responses and other operations.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ operationRef
+stringA relative or absolute URI reference to an OAS operation. This field is mutually exclusive of the
+operationId field, and MUST point to an Operation Object. Relative operationRef values MAY be used to locate an existing Operation Object in the OpenAPI definition. See the rules for resolving Relative References.
+
+ operationId
+stringThe name of an existing, resolvable OAS operation, as defined with a unique
+operationId. This field is mutually exclusive of the operationRef field.
+
+ parameters
+Map[
+string, Any | {expression}]A map representing parameters to pass to an operation as specified with
+operationId or identified via operationRef. The key is the parameter name to be used, whereas the value can be a constant or an expression to be evaluated and passed to the linked operation. The parameter name can be qualified using the parameter location [{in}.]{name} for operations that use the same parameter name in different locations (e.g. path.id).
+
+ requestBody
+Any | {expression}
+A literal value or {expression} to use as a request body when calling the target operation.
+
+
+ description
+stringA description of the link. CommonMark syntax MAY be used for rich text representation.
+
+
+
+ server
+Server Object
+A server object to be used by the target operation.
+operationRef or operationId.
+In the case of an operationId, it MUST be unique and resolved in the scope of the OAS document.
+Because of the potential for name clashes, the operationRef syntax is preferred
+for OpenAPI documents with external references.Examples
+$request.path.id is used to pass a request parameter to the linked operation.
+paths:
+ /users/{id}:
+ parameters:
+ - name: id
+ in: path
+ required: true
+ description: the user identifier, as userId
+ schema:
+ type: string
+ get:
+ responses:
+ '200':
+ description: the user being returned
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ uuid: # the unique user id
+ type: string
+ format: uuid
+ links:
+ address:
+ # the target link operationId
+ operationId: getUserAddress
+ parameters:
+ # get the `id` field from the request path parameter named `id`
+ userId: $request.path.id
+ # the path item of the linked operation
+ /users/{userid}/address:
+ parameters:
+ - name: userid
+ in: path
+ required: true
+ description: the user identifier, as userId
+ schema:
+ type: string
+ # linked operation
+ get:
+ operationId: getUserAddress
+ responses:
+ '200':
+ description: the user's address
+
+links:
+ address:
+ operationId: getUserAddressByUUID
+ parameters:
+ # get the `uuid` field from the `uuid` field in the response body
+ userUuid: $response.body#/uuid
+OperationRef Examples
+operationId MAY NOT be possible (the operationId is an optional
+field in an Operation Object), references MAY also be made through a relative operationRef:
+links:
+ UserRepositories:
+ # returns array of '#/components/schemas/repository'
+ operationRef: '#/paths/~12.0~1repositories~1{username}/get'
+ parameters:
+ username: $response.body#/username
+operationRef:
+links:
+ UserRepositories:
+ # returns array of '#/components/schemas/repository'
+ operationRef: 'https://na2.gigantic-server.com/#/paths/~12.0~1repositories~1{username}/get'
+ parameters:
+ username: $response.body#/username
+operationRef, the escaped forward-slash is necessary when
+using JSON references.Runtime Expressions
+
+ expression = ( "$url" / "$method" / "$statusCode" / "$request." source / "$response." source )
+ source = ( header-reference / query-reference / path-reference / body-reference )
+ header-reference = "header." token
+ query-reference = "query." name
+ path-reference = "path." name
+ body-reference = "body" ["#" json-pointer ]
+ json-pointer = *( "/" reference-token )
+ reference-token = *( unescaped / escaped )
+ unescaped = %x00-2E / %x30-7D / %x7F-10FFFF
+ ; %x2F ('/') and %x7E ('~') are excluded from 'unescaped'
+ escaped = "~" ( "0" / "1" )
+ ; representing '~' and '/', respectively
+ name = *( CHAR )
+ token = 1*tchar
+ tchar = "!" / "#" / "$" / "%" / "&" / "'" / "*" / "+" / "-" / "." /
+ "^" / "_" / "`" / "|" / "~" / DIGIT / ALPHA
+json-pointer is taken from [[!RFC6901]], char from [[!RFC7159]] and token from [[!RFC7230]].name identifier is case-sensitive, whereas token is not.Examples
+
+
+
+
+
+
+
+Source Location
+example expression
+notes
+
+
+HTTP Method
+$methodThe allowable values for the
+$method will be those for the HTTP operation.
+
+Requested media type
+$request.header.accept
+
+
+Request parameter
+$request.path.idRequest parameters MUST be declared in the
+parameters section of the parent operation or they cannot be evaluated. This includes request headers.
+
+Request body property
+$request.body#/user/uuidIn operations which accept payloads, references may be made to portions of the
+requestBody or the entire body.
+
+Request URL
+$url
+
+
+Response value
+$response.body#/statusIn operations which return payloads, references may be made to portions of the response body or the entire body.
+
+
+
+Response header
+$response.header.ServerSingle header values only are available
+{} curly braces.Header Object
+
+
+name MUST NOT be specified, it is given in the corresponding headers map.in MUST NOT be specified, it is implicitly in header.header (for example, style).Header Object Example
+integer:
+{
+ "description": "The number of allowed requests in the current period",
+ "schema": {
+ "type": "integer"
+ }
+}
+
+description: The number of allowed requests in the current period
+schema:
+ type: integer
+Tag Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ name
+stringREQUIRED. The name of the tag.
+
+
+ description
+stringA description for the tag. CommonMark syntax MAY be used for rich text representation.
+
+
+
+ externalDocs
+External Documentation Object
+Additional external documentation for this tag.
+Tag Object Example
+
+{
+ "name": "pet",
+ "description": "Pets operations"
+}
+
+name: pet
+description: Pets operations
+Reference Object
+$ref string value contains a URI [[!RFC3986]], which identifies the location of the value being referenced.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ $ref
+stringREQUIRED. The reference identifier. This MUST be in the form of a URI.
+
+
+ summary
+stringA short summary which by default SHOULD override that of the referenced component. If the referenced object-type does not allow a
+summary field, then this field has no effect.
+
+
+ description
+stringA description which by default SHOULD override that of the referenced component. CommonMark syntax MAY be used for rich text representation. If the referenced object-type does not allow a
+description field, then this field has no effect.Schema Objects that contain a $ref keyword.Reference Object Example
+
+{
+ "$ref": "#/components/schemas/Pet"
+}
+
+$ref: '#/components/schemas/Pet'
+Relative Schema Document Example
+
+{
+ "$ref": "Pet.json"
+}
+
+$ref: Pet.yaml
+Relative Documents With Embedded Schema Example
+
+{
+ "$ref": "definitions.json#/Pet"
+}
+
+$ref: definitions.yaml#/Pet
+Schema Object
+Properties
+https://spec.openapis.org/oas/3.1/dialect/base (the “OAS dialect schema id”).
+
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ discriminator
+Discriminator Object
+Adds support for polymorphism. The discriminator is an object name that is used to differentiate between other schemas which may satisfy the payload description. See Composition and Inheritance for more details.
+
+
+ xml
+XML Object
+This MAY be used only on properties schemas. It has no effect on root schemas. Adds additional metadata to describe the XML representation of this property.
+
+
+ externalDocs
+External Documentation Object
+Additional external documentation for this schema.
+
+
+
+ example
+Any
+A free-form property to include an example of an instance for this schema. To represent examples that cannot be naturally represented in JSON or YAML, a string value can be used to contain the example with escaping where necessary.
+
Deprecated: The example property has been deprecated in favor of the JSON Schema examples keyword. Use of example is discouraged, and later versions of this specification may remove it.x- prefix within this object.Composition and Inheritance (Polymorphism)
+allOf property of JSON Schema, in effect offering model composition.
+allOf takes an array of object definitions that are validated independently but together compose a single object.discriminator field.
+When used, the discriminator will be the name of the property that decides which schema definition validates the structure of the model.
+As such, the discriminator field MUST be a required field.
+There are two ways to define the value of a discriminator for an inheriting instance.
+
+XML Modeling
+Specifying Schema Dialects
+$schema keyword MAY be present in any root Schema Object, and if present MUST be used to determine which dialect should be used when processing the schema. This allows use of Schema Objects which comply with other drafts of JSON Schema than the default Draft 2020-12 support. Tooling MUST support the OAS dialect schema id, and MAY support additional values of $schema.$schema value for all Schema Objects contained within an OAS document, a jsonSchemaDialect value may be set within the OpenAPI Object. If this default is not set, then the OAS dialect schema id MUST be used for these Schema Objects. The value of $schema within a Schema Object always overrides any default.$schema keyword for schemas within that resource MUST follow JSON Schema rules.Schema Object Examples
+Primitive Sample
+
+{
+ "type": "string",
+ "format": "email"
+}
+
+type: string
+format: email
+Simple Model
+
+{
+ "type": "object",
+ "required": [
+ "name"
+ ],
+ "properties": {
+ "name": {
+ "type": "string"
+ },
+ "address": {
+ "$ref": "#/components/schemas/Address"
+ },
+ "age": {
+ "type": "integer",
+ "format": "int32",
+ "minimum": 0
+ }
+ }
+}
+
+type: object
+required:
+- name
+properties:
+ name:
+ type: string
+ address:
+ $ref: '#/components/schemas/Address'
+ age:
+ type: integer
+ format: int32
+ minimum: 0
+Model with Map/Dictionary Properties
+
+{
+ "type": "object",
+ "additionalProperties": {
+ "type": "string"
+ }
+}
+
+type: object
+additionalProperties:
+ type: string
+
+{
+ "type": "object",
+ "additionalProperties": {
+ "$ref": "#/components/schemas/ComplexModel"
+ }
+}
+
+type: object
+additionalProperties:
+ $ref: '#/components/schemas/ComplexModel'
+Model with Example
+
+{
+ "type": "object",
+ "properties": {
+ "id": {
+ "type": "integer",
+ "format": "int64"
+ },
+ "name": {
+ "type": "string"
+ }
+ },
+ "required": [
+ "name"
+ ],
+ "example": {
+ "name": "Puma",
+ "id": 1
+ }
+}
+
+type: object
+properties:
+ id:
+ type: integer
+ format: int64
+ name:
+ type: string
+required:
+- name
+example:
+ name: Puma
+ id: 1
+Models with Composition
+
+{
+ "components": {
+ "schemas": {
+ "ErrorModel": {
+ "type": "object",
+ "required": [
+ "message",
+ "code"
+ ],
+ "properties": {
+ "message": {
+ "type": "string"
+ },
+ "code": {
+ "type": "integer",
+ "minimum": 100,
+ "maximum": 600
+ }
+ }
+ },
+ "ExtendedErrorModel": {
+ "allOf": [
+ {
+ "$ref": "#/components/schemas/ErrorModel"
+ },
+ {
+ "type": "object",
+ "required": [
+ "rootCause"
+ ],
+ "properties": {
+ "rootCause": {
+ "type": "string"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+}
+
+components:
+ schemas:
+ ErrorModel:
+ type: object
+ required:
+ - message
+ - code
+ properties:
+ message:
+ type: string
+ code:
+ type: integer
+ minimum: 100
+ maximum: 600
+ ExtendedErrorModel:
+ allOf:
+ - $ref: '#/components/schemas/ErrorModel'
+ - type: object
+ required:
+ - rootCause
+ properties:
+ rootCause:
+ type: string
+Models with Polymorphism Support
+
+{
+ "components": {
+ "schemas": {
+ "Pet": {
+ "type": "object",
+ "discriminator": {
+ "propertyName": "petType"
+ },
+ "properties": {
+ "name": {
+ "type": "string"
+ },
+ "petType": {
+ "type": "string"
+ }
+ },
+ "required": [
+ "name",
+ "petType"
+ ]
+ },
+ "Cat": {
+ "description": "A representation of a cat. Note that `Cat` will be used as the discriminator value.",
+ "allOf": [
+ {
+ "$ref": "#/components/schemas/Pet"
+ },
+ {
+ "type": "object",
+ "properties": {
+ "huntingSkill": {
+ "type": "string",
+ "description": "The measured skill for hunting",
+ "default": "lazy",
+ "enum": [
+ "clueless",
+ "lazy",
+ "adventurous",
+ "aggressive"
+ ]
+ }
+ },
+ "required": [
+ "huntingSkill"
+ ]
+ }
+ ]
+ },
+ "Dog": {
+ "description": "A representation of a dog. Note that `Dog` will be used as the discriminator value.",
+ "allOf": [
+ {
+ "$ref": "#/components/schemas/Pet"
+ },
+ {
+ "type": "object",
+ "properties": {
+ "packSize": {
+ "type": "integer",
+ "format": "int32",
+ "description": "the size of the pack the dog is from",
+ "default": 0,
+ "minimum": 0
+ }
+ },
+ "required": [
+ "packSize"
+ ]
+ }
+ ]
+ }
+ }
+ }
+}
+
+components:
+ schemas:
+ Pet:
+ type: object
+ discriminator:
+ propertyName: petType
+ properties:
+ name:
+ type: string
+ petType:
+ type: string
+ required:
+ - name
+ - petType
+ Cat: ## "Cat" will be used as the discriminator value
+ description: A representation of a cat
+ allOf:
+ - $ref: '#/components/schemas/Pet'
+ - type: object
+ properties:
+ huntingSkill:
+ type: string
+ description: The measured skill for hunting
+ enum:
+ - clueless
+ - lazy
+ - adventurous
+ - aggressive
+ required:
+ - huntingSkill
+ Dog: ## "Dog" will be used as the discriminator value
+ description: A representation of a dog
+ allOf:
+ - $ref: '#/components/schemas/Pet'
+ - type: object
+ properties:
+ packSize:
+ type: integer
+ format: int32
+ description: the size of the pack the dog is from
+ default: 0
+ minimum: 0
+ required:
+ - packSize
+Discriminator Object
+discriminator object can be used to aid in serialization, deserialization, and validation. The discriminator is a specific object in a schema which is used to inform the consumer of the document of an alternative schema based on the value associated with it.Fixed Fields
+oneOf, anyOf, allOf.
+MyResponseType:
+ oneOf:
+ - $ref: '#/components/schemas/Cat'
+ - $ref: '#/components/schemas/Dog'
+ - $ref: '#/components/schemas/Lizard'
+Cat, Dog, or Lizard. In this case, a discriminator MAY act as a “hint” to shortcut validation and selection of the matching schema which may be a costly operation, depending on the complexity of the schema. We can then describe exactly which field tells us which schema to use:
+MyResponseType:
+ oneOf:
+ - $ref: '#/components/schemas/Cat'
+ - $ref: '#/components/schemas/Dog'
+ - $ref: '#/components/schemas/Lizard'
+ discriminator:
+ propertyName: petType
+petType MUST be present in the response payload, and the value will correspond to the name of a schema defined in the OAS document. Thus the response payload:
+{
+ "id": 12345,
+ "petType": "Cat"
+}
+Cat schema be used in conjunction with this payload.mapping definition MAY be used:
+MyResponseType:
+ oneOf:
+ - $ref: '#/components/schemas/Cat'
+ - $ref: '#/components/schemas/Dog'
+ - $ref: '#/components/schemas/Lizard'
+ - $ref: 'https://gigantic-server.com/schemas/Monster/schema.json'
+ discriminator:
+ propertyName: petType
+ mapping:
+ dog: '#/components/schemas/Dog'
+ monster: 'https://gigantic-server.com/schemas/Monster/schema.json'
+dog will map to the schema #/components/schemas/Dog, rather than the default (implicit) value of Dog. If the discriminator value does not match an implicit or explicit mapping, no schema can be determined and validation SHOULD fail. Mapping keys MUST be string values, but tooling MAY convert response values to strings for comparison.anyOf construct, the use of the discriminator can avoid ambiguity where multiple schemas may satisfy a single payload.oneOf and anyOf use cases, all possible schemas MUST be listed explicitly. To avoid redundancy, the discriminator MAY be added to a parent schema definition, and all schemas comprising the parent schema in an allOf construct may be used as an alternate schema.
+components:
+ schemas:
+ Pet:
+ type: object
+ required:
+ - petType
+ properties:
+ petType:
+ type: string
+ discriminator:
+ propertyName: petType
+ mapping:
+ dog: Dog
+ Cat:
+ allOf:
+ - $ref: '#/components/schemas/Pet'
+ - type: object
+ # all other properties specific to a `Cat`
+ properties:
+ name:
+ type: string
+ Dog:
+ allOf:
+ - $ref: '#/components/schemas/Pet'
+ - type: object
+ # all other properties specific to a `Dog`
+ properties:
+ bark:
+ type: string
+ Lizard:
+ allOf:
+ - $ref: '#/components/schemas/Pet'
+ - type: object
+ # all other properties specific to a `Lizard`
+ properties:
+ lovesRocks:
+ type: boolean
+
+{
+ "petType": "Cat",
+ "name": "misty"
+}
+Cat schema be used. Likewise this schema:
+{
+ "petType": "dog",
+ "bark": "soft"
+}
+Dog because of the definition in the mapping element.XML Object
+name property SHOULD be used to add that information.
+See examples for expected behavior.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ name
+stringReplaces the name of the element/attribute used for the described schema property. When defined within
+items, it will affect the name of the individual XML elements within the list. When defined alongside type being array (outside the items), it will affect the wrapping element and only if wrapped is true. If wrapped is false, it will be ignored.
+
+ namespace
+stringThe URI of the namespace definition. This MUST be in the form of an absolute URI.
+
+
+ prefix
+stringThe prefix to be used for the name.
+
+
+ attribute
+booleanDeclares whether the property definition translates to an attribute instead of an element. Default value is
+false.
+
+
+ wrapped
+booleanMAY be used only for an array definition. Signifies whether the array is wrapped (for example,
+<books><book/><book/></books>) or unwrapped (<book/><book/>). Default value is false. The definition takes effect only when defined alongside type being array (outside the items).XML Object Examples
+No XML Element
+
+{
+ "animals": {
+ "type": "string"
+ }
+}
+
+animals:
+ type: string
+
+<animals>...</animals>
+wrapped is false by default):
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+
+<animals>...</animals>
+<animals>...</animals>
+<animals>...</animals>
+XML Name Replacement
+
+{
+ "animals": {
+ "type": "string",
+ "xml": {
+ "name": "animal"
+ }
+ }
+}
+
+animals:
+ type: string
+ xml:
+ name: animal
+
+<animal>...</animal>
+XML Attribute, Prefix and Namespace
+
+{
+ "Person": {
+ "type": "object",
+ "properties": {
+ "id": {
+ "type": "integer",
+ "format": "int32",
+ "xml": {
+ "attribute": true
+ }
+ },
+ "name": {
+ "type": "string",
+ "xml": {
+ "namespace": "https://example.com/schema/sample",
+ "prefix": "sample"
+ }
+ }
+ }
+ }
+}
+
+Person:
+ type: object
+ properties:
+ id:
+ type: integer
+ format: int32
+ xml:
+ attribute: true
+ name:
+ type: string
+ xml:
+ namespace: https://example.com/schema/sample
+ prefix: sample
+
+<Person id="123">
+ <sample:name xmlns:sample="https://example.com/schema/sample">example</sample:name>
+</Person>
+XML Arrays
+
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "xml": {
+ "name": "animal"
+ }
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ name: animal
+
+<animal>value</animal>
+<animal>value</animal>
+name property has no effect on the XML:
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "xml": {
+ "name": "animal"
+ }
+ },
+ "xml": {
+ "name": "aliens"
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ name: animal
+ xml:
+ name: aliens
+
+<animal>value</animal>
+<animal>value</animal>
+
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ },
+ "xml": {
+ "wrapped": true
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ wrapped: true
+
+<animals>
+ <animals>value</animals>
+ <animals>value</animals>
+</animals>
+
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "xml": {
+ "name": "animal"
+ }
+ },
+ "xml": {
+ "wrapped": true
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ name: animal
+ xml:
+ wrapped: true
+
+<animals>
+ <animal>value</animal>
+ <animal>value</animal>
+</animals>
+
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "xml": {
+ "name": "animal"
+ }
+ },
+ "xml": {
+ "name": "aliens",
+ "wrapped": true
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ name: animal
+ xml:
+ name: aliens
+ wrapped: true
+
+<aliens>
+ <animal>value</animal>
+ <animal>value</animal>
+</aliens>
+
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ },
+ "xml": {
+ "name": "aliens",
+ "wrapped": true
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ name: aliens
+ wrapped: true
+
+<aliens>
+ <aliens>value</aliens>
+ <aliens>value</aliens>
+</aliens>
+Security Scheme Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Applies To
+Description
+
+
+ type
+stringAny
+REQUIRED. The type of the security scheme. Valid values are
+"apiKey", "http", "mutualTLS", "oauth2", "openIdConnect".
+
+ description
+stringAny
+A description for security scheme. CommonMark syntax MAY be used for rich text representation.
+
+
+ name
+stringapiKeyREQUIRED. The name of the header, query or cookie parameter to be used.
+
+
+ in
+stringapiKeyREQUIRED. The location of the API key. Valid values are
+"query", "header" or "cookie".
+
+ scheme
+stringhttpREQUIRED. The name of the HTTP Authorization scheme to be used in the Authorization header as defined in [[!RFC7235]]. The values used SHOULD be registered in the IANA Authentication Scheme registry.
+
+
+ bearerFormat
+stringhttp ("bearer")A hint to the client to identify how the bearer token is formatted. Bearer tokens are usually generated by an authorization server, so this information is primarily for documentation purposes.
+
+
+ flows
+OAuth Flows Object
+oauth2REQUIRED. An object containing configuration information for the flow types supported.
+
+
+
+ openIdConnectUrl
+stringopenIdConnectREQUIRED. OpenId Connect URL to discover OAuth2 configuration values. This MUST be in the form of a URL. The OpenID Connect standard requires the use of TLS.
+Security Scheme Object Example
+Basic Authentication Sample
+
+{
+ "type": "http",
+ "scheme": "basic"
+}
+
+type: http
+scheme: basic
+API Key Sample
+
+{
+ "type": "apiKey",
+ "name": "api_key",
+ "in": "header"
+}
+
+type: apiKey
+name: api_key
+in: header
+JWT Bearer Sample
+
+{
+ "type": "http",
+ "scheme": "bearer",
+ "bearerFormat": "JWT",
+}
+
+type: http
+scheme: bearer
+bearerFormat: JWT
+Implicit OAuth2 Sample
+
+{
+ "type": "oauth2",
+ "flows": {
+ "implicit": {
+ "authorizationUrl": "https://example.com/api/oauth/dialog",
+ "scopes": {
+ "write:pets": "modify pets in your account",
+ "read:pets": "read your pets"
+ }
+ }
+ }
+}
+
+type: oauth2
+flows:
+ implicit:
+ authorizationUrl: https://example.com/api/oauth/dialog
+ scopes:
+ write:pets: modify pets in your account
+ read:pets: read your pets
+OAuth Flows Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ implicit
+OAuth Flow Object
+Configuration for the OAuth Implicit flow
+
+
+ password
+OAuth Flow Object
+Configuration for the OAuth Resource Owner Password flow
+
+
+ clientCredentials
+OAuth Flow Object
+Configuration for the OAuth Client Credentials flow. Previously called
+application in OpenAPI 2.0.
+
+
+ authorizationCode
+OAuth Flow Object
+Configuration for the OAuth Authorization Code flow. Previously called
+accessCode in OpenAPI 2.0.OAuth Flow Object
+Fixed Fields
+OAuth Flow Object Examples
+
+{
+ "type": "oauth2",
+ "flows": {
+ "implicit": {
+ "authorizationUrl": "https://example.com/api/oauth/dialog",
+ "scopes": {
+ "write:pets": "modify pets in your account",
+ "read:pets": "read your pets"
+ }
+ },
+ "authorizationCode": {
+ "authorizationUrl": "https://example.com/api/oauth/dialog",
+ "tokenUrl": "https://example.com/api/oauth/token",
+ "scopes": {
+ "write:pets": "modify pets in your account",
+ "read:pets": "read your pets"
+ }
+ }
+ }
+}
+
+type: oauth2
+flows:
+ implicit:
+ authorizationUrl: https://example.com/api/oauth/dialog
+ scopes:
+ write:pets: modify pets in your account
+ read:pets: read your pets
+ authorizationCode:
+ authorizationUrl: https://example.com/api/oauth/dialog
+ tokenUrl: https://example.com/api/oauth/token
+ scopes:
+ write:pets: modify pets in your account
+ read:pets: read your pets
+Security Requirement Object
+Patterned Fields
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ {name}
+[
+string]Each name MUST correspond to a security scheme which is declared in the Security Schemes under the Components Object. If the security scheme is of type
+"oauth2" or "openIdConnect", then the value is a list of scope names required for the execution, and the list MAY be empty if authorization does not require a specified scope. For other security scheme types, the array MAY contain a list of role names which are required for the execution, but are not otherwise defined or exchanged in-band.Security Requirement Object Examples
+Non-OAuth2 Security Requirement
+
+{
+ "api_key": []
+}
+
+api_key: []
+OAuth2 Security Requirement
+
+{
+ "petstore_auth": [
+ "write:pets",
+ "read:pets"
+ ]
+}
+
+petstore_auth:
+- write:pets
+- read:pets
+Optional OAuth2 Security
+
+{
+ "security": [
+ {},
+ {
+ "petstore_auth": [
+ "write:pets",
+ "read:pets"
+ ]
+ }
+ ]
+}
+
+security:
+ - {}
+ - petstore_auth:
+ - write:pets
+ - read:pets
+Specification Extensions
+"x-".
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ ^x-
+Any
+Allows extensions to the OpenAPI Schema. The field name MUST begin with
+x-, for example, x-internal-id. Field names beginning x-oai- and x-oas- are reserved for uses defined by the OpenAPI Initiative. The value can be null, a primitive, an array or an object.Security Filtering
+
+
+Appendix A: Revision History
+
+
+
+
diff --git a/docs/oas/v2.0.html b/docs/oas/v2.0.html
new file mode 100644
index 0000000000..886b7ef5e7
--- /dev/null
+++ b/docs/oas/v2.0.html
@@ -0,0 +1,3101 @@
+
+
+
+
+Version
+Date
+Notes
+
+
+3.1.0
+2021-02-15
+Release of the OpenAPI Specification 3.1.0
+
+
+3.1.0-rc1
+2020-10-08
+rc1 of the 3.1 specification
+
+
+3.1.0-rc0
+2020-06-18
+rc0 of the 3.1 specification
+
+
+3.0.3
+2020-02-20
+Patch release of the OpenAPI Specification 3.0.3
+
+
+3.0.2
+2018-10-08
+Patch release of the OpenAPI Specification 3.0.2
+
+
+3.0.1
+2017-12-06
+Patch release of the OpenAPI Specification 3.0.1
+
+
+3.0.0
+2017-07-26
+Release of the OpenAPI Specification 3.0.0
+
+
+3.0.0-rc2
+2017-06-16
+rc2 of the 3.0 specification
+
+
+3.0.0-rc1
+2017-04-27
+rc1 of the 3.0 specification
+
+
+3.0.0-rc0
+2017-02-28
+Implementer’s Draft of the 3.0 specification
+
+
+2.0
+2015-12-31
+Donation of Swagger 2.0 to the OpenAPI Initiative
+
+
+2.0
+2014-09-08
+Release of Swagger 2.0
+
+
+1.2
+2014-03-14
+Initial release of the formal document.
+
+
+1.1
+2012-08-22
+Release of Swagger 1.1
+
+
+
+1.0
+2011-08-10
+First release of the Swagger Specification
+OpenAPI Specification v2.0
Status of This Document
The source-of-truth for the specification is the GitHub markdown file referenced above.OpenAPI Specification
+(fka Swagger RESTful API Documentation Specification)
+Version 2.0
+Introductions
+Revision History
+
+
+
+
+
+
+
+Version
+Date
+Notes
+
+
+2.0
+2014-09-08
+Release of Swagger 2.0
+
+
+1.2
+2014-03-14
+Initial release of the formal document.
+
+
+1.1
+2012-08-22
+Release of Swagger 1.1
+
+
+
+1.0
+2011-08-10
+First release of the Swagger Specification
+Definitions
+Path Templating
+Mime Types
+
+
+ text/plain; charset=utf-8
+ application/json
+ application/vnd.github+json
+ application/vnd.github.v3+json
+ application/vnd.github.v3.raw+json
+ application/vnd.github.v3.text+json
+ application/vnd.github.v3.html+json
+ application/vnd.github.v3.full+json
+ application/vnd.github.v3.diff
+ application/vnd.github.v3.patch
+HTTP Status Codes
+Specification
+Format
+
+{
+ "field" : [...]
+}
+File Structure
+$ref fields in the specification as follows from the JSON Schema definitions.swagger.json.Data Types
+"file" is used by the Parameter Object and the Response Object to set the parameter type or the response as being a file.format. Swagger uses several known formats to more finely define the data type being used. However, the format property is an open string-valued property, and can have any value to support documentation needs. Formats such as "email", "uuid", etc., can be used even though they are not defined by this specification. Types that are not accompanied by a format property follow their definition from the JSON Schema (except for file type which is defined above). The formats defined by the Swagger Specification are:
+
+
+
+
+
+
+Common Name
+typeformatComments
+
+
+integer
+integerint32signed 32 bits
+
+
+long
+integerint64signed 64 bits
+
+
+float
+numberfloat
+
+
+double
+numberdouble
+
+
+string
+string
+
+
+
+byte
+stringbytebase64 encoded characters
+
+
+binary
+stringbinaryany sequence of octets
+
+
+boolean
+boolean
+
+
+
+date
+stringdateAs defined by
+full-date - [!RFC3339]
+
+dateTime
+stringdate-timeAs defined by
+date-time - [!RFC3339]
+
+
+password
+stringpasswordUsed to hint UIs the input needs to be obscured.
+Schema
+Swagger Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ swagger
+stringRequired. Specifies the Swagger Specification version being used. It can be used by the Swagger UI and other clients to interpret the API listing. The value MUST be
+"2.0".
+
+ info
+Info Object
+Required. Provides metadata about the API. The metadata can be used by the clients if needed.
+
+
+ host
+stringThe host (name or ip) serving the API. This MUST be the host only and does not include the scheme nor sub-paths. It MAY include a port. If the
+host is not included, the host serving the documentation is to be used (including the port). The host does not support path templating.
+
+ basePath
+stringThe base path on which the API is served, which is relative to the
+host. If it is not included, the API is served directly under the host. The value MUST start with a leading slash (/). The basePath does not support path templating.
+
+ schemes
+[
+string]The transfer protocol of the API. Values MUST be from the list:
+"http", "https", "ws", "wss". If the schemes is not included, the default scheme to be used is the one used to access the Swagger definition itself.
+
+ consumes
+[
+string]A list of MIME types the APIs can consume. This is global to all APIs but can be overridden on specific API calls. Value MUST be as described under Mime Types.
+
+
+ produces
+[
+string]A list of MIME types the APIs can produce. This is global to all APIs but can be overridden on specific API calls. Value MUST be as described under Mime Types.
+
+
+ paths
+Paths Object
+Required. The available paths and operations for the API.
+
+
+ definitions
+Definitions Object
+An object to hold data types produced and consumed by operations.
+
+
+ parameters
+Parameters Definitions Object
+An object to hold parameters that can be used across operations. This property does not define global parameters for all operations.
+
+
+ responses
+Responses Definitions Object
+An object to hold responses that can be used across operations. This property does not define global responses for all operations.
+
+
+ securityDefinitions
+Security Definitions Object
+Security scheme definitions that can be used across the specification.
+
+
+ security
+[Security Requirement Object]
+A declaration of which security schemes are applied for the API as a whole. The list of values describes alternative security schemes that can be used (that is, there is a logical OR between the security requirements). Individual operations can override this definition.
+
+
+ tags
+[Tag Object]
+A list of tags used by the specification with additional metadata. The order of the tags can be used to reflect on their order by the parsing tools. Not all tags that are used by the Operation Object must be declared. The tags that are not declared may be organized randomly or based on the tools’ logic. Each tag name in the list MUST be unique.
+
+
+
+ externalDocs
+External Documentation Object
+Additional external documentation.
+Patterned Objects
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ ^x-
+Any
+Allows extensions to the Swagger Schema. The field name MUST begin with
+x-, for example, x-internal-id. The value can be null, a primitive, an array or an object. See Vendor Extensions for further details.Info Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ title
+stringRequired. The title of the application.
+
+
+ description
+stringA short description of the application. GFM syntax can be used for rich text representation.
+
+
+ termsOfService
+stringThe Terms of Service for the API.
+
+
+ contact
+Contact Object
+The contact information for the exposed API.
+
+
+ license
+License Object
+The license information for the exposed API.
+
+
+
+ version
+stringRequired Provides the version of the application API (not to be confused with the specification version).
+Patterned Objects
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ ^x-
+Any
+Allows extensions to the Swagger Schema. The field name MUST begin with
+x-, for example, x-internal-id. The value can be null, a primitive, an array or an object. See Vendor Extensions for further details.Info Object Example:
+
+{
+ "title": "Swagger Sample App",
+ "description": "This is a sample server Petstore server.",
+ "termsOfService": "http://swagger.io/terms/",
+ "contact": {
+ "name": "API Support",
+ "url": "http://www.swagger.io/support",
+ "email": "support@swagger.io"
+ },
+ "license": {
+ "name": "Apache 2.0",
+ "url": "http://www.apache.org/licenses/LICENSE-2.0.html"
+ },
+ "version": "1.0.1"
+}
+
+title: Swagger Sample App
+description: This is a sample server Petstore server.
+termsOfService: http://swagger.io/terms/
+contact:
+ name: API Support
+ url: http://www.swagger.io/support
+ email: support@swagger.io
+license:
+ name: Apache 2.0
+ url: http://www.apache.org/licenses/LICENSE-2.0.html
+version: 1.0.1
+Contact Object
+Fixed Fields
+Patterned Objects
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ ^x-
+Any
+Allows extensions to the Swagger Schema. The field name MUST begin with
+x-, for example, x-internal-id. The value can be null, a primitive, an array or an object. See Vendor Extensions for further details.Contact Object Example:
+
+{
+ "name": "API Support",
+ "url": "http://www.swagger.io/support",
+ "email": "support@swagger.io"
+}
+
+name: API Support
+url: http://www.swagger.io/support
+email: support@swagger.io
+License Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ name
+stringRequired. The license name used for the API.
+
+
+
+ url
+stringA URL to the license used for the API. MUST be in the format of a URL.
+Patterned Objects
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ ^x-
+Any
+Allows extensions to the Swagger Schema. The field name MUST begin with
+x-, for example, x-internal-id. The value can be null, a primitive, an array or an object. See Vendor Extensions for further details.License Object Example:
+
+{
+ "name": "Apache 2.0",
+ "url": "http://www.apache.org/licenses/LICENSE-2.0.html"
+}
+
+name: Apache 2.0
+url: http://www.apache.org/licenses/LICENSE-2.0.html
+Paths Object
+basePath in order to construct the full URL.
+The Paths may be empty, due to ACL constraints.Patterned Fields
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+ /{path}
+Path Item Object
+A relative path to an individual endpoint. The field name MUST begin with a slash. The path is appended to the
+basePath in order to construct the full URL. Path templating is allowed.
+
+
+ ^x-
+Any
+Allows extensions to the Swagger Schema. The field name MUST begin with
+x-, for example, x-internal-id. The value can be null, a primitive, an array or an object. See Vendor Extensions for further details.Paths Object Example
+
+{
+ "/pets": {
+ "get": {
+ "description": "Returns all pets from the system that the user has access to",
+ "produces": [
+ "application/json"
+ ],
+ "responses": {
+ "200": {
+ "description": "A list of pets.",
+ "schema": {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/pet"
+ }
+ }
+ }
+ }
+ }
+ }
+}
+
+/pets:
+ get:
+ description: Returns all pets from the system that the user has access to
+ produces:
+ - application/json
+ responses:
+ '200':
+ description: A list of pets.
+ schema:
+ type: array
+ items:
+ $ref: '#/definitions/pet'
+Path Item Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ $ref
+stringAllows for an external definition of this path item. The referenced structure MUST be in the format of a Path Item Object. If there are conflicts between the referenced definition and this Path Item’s definition, the behavior is undefined.
+
+
+ get
+Operation Object
+A definition of a GET operation on this path.
+
+
+ put
+Operation Object
+A definition of a PUT operation on this path.
+
+
+ post
+Operation Object
+A definition of a POST operation on this path.
+
+
+ delete
+Operation Object
+A definition of a DELETE operation on this path.
+
+
+ options
+Operation Object
+A definition of a OPTIONS operation on this path.
+
+
+ head
+Operation Object
+A definition of a HEAD operation on this path.
+
+
+ patch
+Operation Object
+A definition of a PATCH operation on this path.
+
+
+
+ parameters
+[Parameter Object | Reference Object]
+A list of parameters that are applicable for all the operations described under this path. These parameters can be overridden at the operation level, but cannot be removed there. The list MUST NOT include duplicated parameters. A unique parameter is defined by a combination of a name and location. The list can use the Reference Object to link to parameters that are defined at the Swagger Object’s parameters. There can be one “body” parameter at most.
+Patterned Fields
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ ^x-
+Any
+Allows extensions to the Swagger Schema. The field name MUST begin with
+x-, for example, x-internal-id. The value can be null, a primitive, an array or an object. See Vendor Extensions for further details.Path Item Object Example
+
+{
+ "get": {
+ "description": "Returns pets based on ID",
+ "summary": "Find pets by ID",
+ "operationId": "getPetsById",
+ "produces": [
+ "application/json",
+ "text/html"
+ ],
+ "responses": {
+ "200": {
+ "description": "pet response",
+ "schema": {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/Pet"
+ }
+ }
+ },
+ "default": {
+ "description": "error payload",
+ "schema": {
+ "$ref": "#/definitions/ErrorModel"
+ }
+ }
+ }
+ },
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of pet to use",
+ "required": true,
+ "type": "array",
+ "items": {
+ "type": "string"
+ },
+ "collectionFormat": "csv"
+ }
+ ]
+}
+
+get:
+ description: Returns pets based on ID
+ summary: Find pets by ID
+ operationId: getPetsById
+ produces:
+ - application/json
+ - text/html
+ responses:
+ '200':
+ description: pet response
+ schema:
+ type: array
+ items:
+ $ref: '#/definitions/Pet'
+ default:
+ description: error payload
+ schema:
+ $ref: '#/definitions/ErrorModel'
+parameters:
+- name: id
+ in: path
+ description: ID of pet to use
+ required: true
+ type: array
+ items:
+ type: string
+ collectionFormat: csv
+Operation Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ tags
+[
+string]A list of tags for API documentation control. Tags can be used for logical grouping of operations by resources or any other qualifier.
+
+
+ summary
+stringA short summary of what the operation does. For maximum readability in the swagger-ui, this field SHOULD be less than 120 characters.
+
+
+ description
+stringA verbose explanation of the operation behavior. GFM syntax can be used for rich text representation.
+
+
+ externalDocs
+External Documentation Object
+Additional external documentation for this operation.
+
+
+ operationId
+stringUnique string used to identify the operation. The id MUST be unique among all operations described in the API. Tools and libraries MAY use the operationId to uniquely identify an operation, therefore, it is recommended to follow common programming naming conventions.
+
+
+ consumes
+[
+string]A list of MIME types the operation can consume. This overrides the
+consumes definition at the Swagger Object. An empty value MAY be used to clear the global definition. Value MUST be as described under Mime Types.
+
+ produces
+[
+string]A list of MIME types the operation can produce. This overrides the
+produces definition at the Swagger Object. An empty value MAY be used to clear the global definition. Value MUST be as described under Mime Types.
+
+ parameters
+[Parameter Object | Reference Object]
+A list of parameters that are applicable for this operation. If a parameter is already defined at the Path Item, the new definition will override it, but can never remove it. The list MUST NOT include duplicated parameters. A unique parameter is defined by a combination of a name and location. The list can use the Reference Object to link to parameters that are defined at the Swagger Object’s parameters. There can be one “body” parameter at most.
+
+
+ responses
+Responses Object
+Required. The list of possible responses as they are returned from executing this operation.
+
+
+ schemes
+[
+string]The transfer protocol for the operation. Values MUST be from the list:
+"http", "https", "ws", "wss". The value overrides the Swagger Object schemes definition.
+
+ deprecated
+booleanDeclares this operation to be deprecated. Usage of the declared operation should be refrained. Default value is
+false.
+
+
+ security
+[Security Requirement Object]
+A declaration of which security schemes are applied for this operation. The list of values describes alternative security schemes that can be used (that is, there is a logical OR between the security requirements). This definition overrides any declared top-level
+security. To remove a top-level security declaration, an empty array can be used.Patterned Objects
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ ^x-
+Any
+Allows extensions to the Swagger Schema. The field name MUST begin with
+x-, for example, x-internal-id. The value can be null, a primitive, an array or an object. See Vendor Extensions for further details.Operation Object Example
+
+{
+ "tags": [
+ "pet"
+ ],
+ "summary": "Updates a pet in the store with form data",
+ "description": "",
+ "operationId": "updatePetWithForm",
+ "consumes": [
+ "application/x-www-form-urlencoded"
+ ],
+ "produces": [
+ "application/json",
+ "application/xml"
+ ],
+ "parameters": [
+ {
+ "name": "petId",
+ "in": "path",
+ "description": "ID of pet that needs to be updated",
+ "required": true,
+ "type": "string"
+ },
+ {
+ "name": "name",
+ "in": "formData",
+ "description": "Updated name of the pet",
+ "required": false,
+ "type": "string"
+ },
+ {
+ "name": "status",
+ "in": "formData",
+ "description": "Updated status of the pet",
+ "required": false,
+ "type": "string"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Pet updated."
+ },
+ "405": {
+ "description": "Invalid input"
+ }
+ },
+ "security": [
+ {
+ "petstore_auth": [
+ "write:pets",
+ "read:pets"
+ ]
+ }
+ ]
+}
+
+tags:
+- pet
+summary: Updates a pet in the store with form data
+description: ""
+operationId: updatePetWithForm
+consumes:
+- application/x-www-form-urlencoded
+produces:
+- application/json
+- application/xml
+parameters:
+- name: petId
+ in: path
+ description: ID of pet that needs to be updated
+ required: true
+ type: string
+- name: name
+ in: formData
+ description: Updated name of the pet
+ required: false
+ type: string
+- name: status
+ in: formData
+ description: Updated status of the pet
+ required: false
+ type: string
+responses:
+ '200':
+ description: Pet updated.
+ '405':
+ description: Invalid input
+security:
+- petstore_auth:
+ - write:pets
+ - read:pets
+External Documentation Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ description
+stringA short description of the target documentation. GFM syntax can be used for rich text representation.
+
+
+
+ url
+stringRequired. The URL for the target documentation. Value MUST be in the format of a URL.
+Patterned Objects
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ ^x-
+Any
+Allows extensions to the Swagger Schema. The field name MUST begin with
+x-, for example, x-internal-id. The value can be null, a primitive, an array or an object. See Vendor Extensions for further details.External Documentation Object Example
+
+{
+ "description": "Find more info here",
+ "url": "https://swagger.io"
+}
+
+description: Find more info here
+url: https://swagger.io
+Parameter Object
+
+
+/items/{itemId}, the path parameter is itemId./items?id=###, the query parameter is id.application/x-www-form-urlencoded, multipart/form-data or both are used as the content type of the request (in Swagger’s definition, the consumes property of an operation). This is the only parameter type that can be used to send files, thus supporting the file type. Since form parameters are sent in the payload, they cannot be declared together with a body parameter for the same operation. Form parameters have a different format based on the content-type used (for further details, consult http://www.w3.org/TR/html401/interact/forms.html#h-17.13.4):
+
+
+application/x-www-form-urlencoded - Similar to the format of Query parameters but as a payload. For example, foo=1&bar=swagger - both foo and bar are form parameters. This is normally used for simple parameters that are being transferred.multipart/form-data - each parameter takes a section in the payload with an internal header. For example, for the header Content-Disposition: form-data; name="submit-name" the name of the parameter is submit-name. This type of form parameters is more commonly used for file transfers.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ name
+stringRequired. The name of the parameter. Parameter names are case sensitive.
+in is "path", the name field MUST correspond to the associated path segment from the path field in the Paths Object. See Path Templating for further information.name corresponds to the parameter name used based on the in property.
+
+ in
+stringRequired. The location of the parameter. Possible values are “query”, “header”, “path”, “formData” or “body”.
+
+
+ description
+stringA brief description of the parameter. This could contain examples of use. GFM syntax can be used for rich text representation.
+
+
+
+ required
+booleanDetermines whether this parameter is mandatory. If the parameter is
+in “path”, this property is required and its value MUST be true. Otherwise, the property MAY be included and its default value is false.in is "body":
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+
+ schema
+Schema Object
+Required. The schema defining the type used for the body parameter.
+in is any value other than "body":
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ type
+stringRequired. The type of the parameter. Since the parameter is not located at the request body, it is limited to simple types (that is, not an object). The value MUST be one of
+"string", "number", "integer", "boolean", "array" or "file". If type is "file", the consumes MUST be either "multipart/form-data", " application/x-www-form-urlencoded" or both and the parameter MUST be in "formData".
+
+ format
+stringThe extending format for the previously mentioned
+type. See Data Type Formats for further details.
+
+allowEmptyValue
+booleanSets the ability to pass empty-valued parameters. This is valid only for either
+query or formData parameters and allows you to send a parameter with a name only or an empty value. Default value is false.
+
+ items
+Items Object
+Required if
+type is “array”. Describes the type of items in the array.
+
+ collectionFormat
+stringDetermines the format of the array if type array is used. Possible values are:
+
Default value is csv - comma separated values foo,bar. ssv - space separated values foo bar. tsv - tab separated values foo\tbar. pipes - pipe separated values foo|bar. multi - corresponds to multiple parameter instances instead of multiple values for a single instance foo=bar&foo=baz. This is valid only for parameters in “query” or “formData”. csv.
+
+ default
+*
+Declares the value of the parameter that the server will use if none is provided, for example a “count” to control the number of results per page might default to 100 if not supplied by the client in the request. (Note: “default” has no meaning for required parameters.) See https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-6.2. Unlike JSON Schema this value MUST conform to the defined
+type for this parameter.
+
+ maximum
+numberSee https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.1.2.
+
+
+ exclusiveMaximum
+booleanSee https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.1.2.
+
+
+ minimum
+numberSee https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.1.3.
+
+
+ exclusiveMinimum
+booleanSee https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.1.3.
+
+
+ maxLength
+integerSee https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.2.1.
+
+
+ minLength
+integerSee https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.2.2.
+
+
+ pattern
+stringSee https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.2.3.
+
+
+ maxItems
+integerSee https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.3.2.
+
+
+ minItems
+integerSee https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.3.3.
+
+
+ uniqueItems
+booleanSee https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.3.4.
+
+
+ enum
+[*]
+See https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.5.1.
+
+
+
+ multipleOf
+numberSee https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.1.1.
+Patterned Fields
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ ^x-
+Any
+Allows extensions to the Swagger Schema. The field name MUST begin with
+x-, for example, x-internal-id. The value can be null, a primitive, an array or an object. See Vendor Extensions for further details.Parameter Object Examples
+Body Parameters
+
+{
+ "name": "user",
+ "in": "body",
+ "description": "user to add to the system",
+ "required": true,
+ "schema": {
+ "$ref": "#/definitions/User"
+ }
+}
+
+name: user
+in: body
+description: user to add to the system
+required: true
+schema:
+ $ref: '#/definitions/User'
+
+{
+ "name": "user",
+ "in": "body",
+ "description": "user to add to the system",
+ "required": true,
+ "schema": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ }
+}
+
+name: user
+in: body
+description: user to add to the system
+required: true
+schema:
+ type: array
+ items:
+ type: string
+Other Parameters
+
+{
+ "name": "token",
+ "in": "header",
+ "description": "token to be passed as a header",
+ "required": true,
+ "type": "array",
+ "items": {
+ "type": "integer",
+ "format": "int64"
+ },
+ "collectionFormat": "csv"
+}
+
+name: token
+in: header
+description: token to be passed as a header
+required: true
+type: array
+items:
+ type: integer
+ format: int64
+collectionFormat: csv
+
+{
+ "name": "username",
+ "in": "path",
+ "description": "username to fetch",
+ "required": true,
+ "type": "string"
+}
+
+name: username
+in: path
+description: username to fetch
+required: true
+type: string
+
+{
+ "name": "id",
+ "in": "query",
+ "description": "ID of the object to fetch",
+ "required": false,
+ "type": "array",
+ "items": {
+ "type": "string"
+ },
+ "collectionFormat": "multi"
+}
+
+name: id
+in: query
+description: ID of the object to fetch
+required: false
+type: array
+items:
+ type: string
+collectionFormat: multi
+
+{
+ "name": "avatar",
+ "in": "formData",
+ "description": "The avatar of the user",
+ "required": true,
+ "type": "file"
+}
+
+name: avatar
+in: formData
+description: The avatar of the user
+required: true
+type: file
+Items Object
+in "body".Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ type
+stringRequired. The internal type of the array. The value MUST be one of
+"string", "number", "integer", "boolean", or "array". Files and models are not allowed.
+
+ format
+stringThe extending format for the previously mentioned
+type. See Data Type Formats for further details.
+
+ items
+Items Object
+Required if
+type is “array”. Describes the type of items in the array.
+
+ collectionFormat
+stringDetermines the format of the array if type array is used. Possible values are:
+
Default value is csv - comma separated values foo,bar. ssv - space separated values foo bar. tsv - tab separated values foo\tbar. pipes - pipe separated values foo|bar. csv.
+
+ default
+*
+Declares the value of the item that the server will use if none is provided. (Note: “default” has no meaning for required items.) See https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-6.2. Unlike JSON Schema this value MUST conform to the defined
+type for the data type.
+
+ maximum
+numberSee https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.1.2.
+
+
+ exclusiveMaximum
+booleanSee https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.1.2.
+
+
+ minimum
+numberSee https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.1.3.
+
+
+ exclusiveMinimum
+booleanSee https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.1.3.
+
+
+ maxLength
+integerSee https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.2.1.
+
+
+ minLength
+integerSee https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.2.2.
+
+
+ pattern
+stringSee https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.2.3.
+
+
+ maxItems
+integerSee https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.3.2.
+
+
+ minItems
+integerSee https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.3.3.
+
+
+ uniqueItems
+booleanSee https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.3.4.
+
+
+ enum
+[*]
+See https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.5.1.
+
+
+
+ multipleOf
+numberSee https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.1.1.
+Patterned Objects
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ ^x-
+Any
+Allows extensions to the Swagger Schema. The field name MUST begin with
+x-, for example, x-internal-id. The value can be null, a primitive, an array or an object. See Vendor Extensions for further details.Items Object Examples
+
+{
+ "type": "string",
+ "minLength": 2
+}
+
+type: string
+minLength: 2
+
+{
+ "type": "array",
+ "items": {
+ "type": "integer",
+ "minimum": 0,
+ "maximum": 63
+ }
+}
+
+type: array
+items:
+ type: integer
+ minimum: 0
+ maximum: 63
+Responses Object
+default can be used as the default response object for all HTTP codes that are not covered individually by the specification.Responses Object MUST contain at least one response code, and it SHOULD be the response for a successful operation call.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+
+ default
+Response Object | Reference Object
+The documentation of responses other than the ones declared for specific HTTP response codes. It can be used to cover undeclared responses. Reference Object can be used to link to a response that is defined at the Swagger Object’s responses section.
+Patterned Fields
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+ {HTTP Status Code}
+Response Object | Reference Object
+Any HTTP status code can be used as the property name (one property per HTTP status code). Describes the expected response for that HTTP status code. Reference Object can be used to link to a response that is defined at the Swagger Object’s responses section.
+
+
+
+ ^x-
+Any
+Allows extensions to the Swagger Schema. The field name MUST begin with
+x-, for example, x-internal-id. The value can be null, a primitive, an array or an object. See Vendor Extensions for further details.Responses Object Example
+
+{
+ "200": {
+ "description": "a pet to be returned",
+ "schema": {
+ "$ref": "#/definitions/Pet"
+ }
+ },
+ "default": {
+ "description": "Unexpected error",
+ "schema": {
+ "$ref": "#/definitions/ErrorModel"
+ }
+ }
+}
+
+'200':
+ description: a pet to be returned
+ schema:
+ $ref: '#/definitions/Pet'
+default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/ErrorModel'
+Response Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ description
+stringRequired. A short description of the response. GFM syntax can be used for rich text representation.
+
+
+ schema
+Schema Object
+A definition of the response structure. It can be a primitive, an array or an object. If this field does not exist, it means no content is returned as part of the response. As an extension to the Schema Object, its root
+type value may also be "file". This SHOULD be accompanied by a relevant produces mime-type.
+
+ headers
+Headers Object
+A list of headers that are sent with the response.
+
+
+
+ examples
+Example Object
+An example of the response message.
+Patterned Objects
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ ^x-
+Any
+Allows extensions to the Swagger Schema. The field name MUST begin with
+x-, for example, x-internal-id. The value can be null, a primitive, an array or an object. See Vendor Extensions for further details.Response Object Examples
+
+{
+ "description": "A complex object array response",
+ "schema": {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/VeryComplexType"
+ }
+ }
+}
+
+description: A complex object array response
+schema:
+ type: array
+ items:
+ $ref: '#/definitions/VeryComplexType'
+
+{
+ "description": "A simple string response",
+ "schema": {
+ "type": "string"
+ }
+}
+
+description: A simple string response
+schema:
+ type: string
+
+{
+ "description": "A simple string response",
+ "schema": {
+ "type": "string"
+ },
+ "headers": {
+ "X-Rate-Limit-Limit": {
+ "description": "The number of allowed requests in the current period",
+ "type": "integer"
+ },
+ "X-Rate-Limit-Remaining": {
+ "description": "The number of remaining requests in the current period",
+ "type": "integer"
+ },
+ "X-Rate-Limit-Reset": {
+ "description": "The number of seconds left in the current period",
+ "type": "integer"
+ }
+ }
+}
+
+description: A simple string response
+schema:
+ type: string
+headers:
+ X-Rate-Limit-Limit:
+ description: The number of allowed requests in the current period
+ type: integer
+ X-Rate-Limit-Remaining:
+ description: The number of remaining requests in the current period
+ type: integer
+ X-Rate-Limit-Reset:
+ description: The number of seconds left in the current period
+ type: integer
+
+{
+ "description": "object created"
+}
+
+description: object created
+Headers Object
+Patterned Fields
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ {name}
+Header Object
+The name of the property corresponds to the name of the header. The value describes the type of the header.
+Headers Object Example
+
+{
+ "X-Rate-Limit-Limit": {
+ "description": "The number of allowed requests in the current period",
+ "type": "integer"
+ },
+ "X-Rate-Limit-Remaining": {
+ "description": "The number of remaining requests in the current period",
+ "type": "integer"
+ },
+ "X-Rate-Limit-Reset": {
+ "description": "The number of seconds left in the current period",
+ "type": "integer"
+ }
+}
+
+X-Rate-Limit-Limit:
+ description: The number of allowed requests in the current period
+ type: integer
+X-Rate-Limit-Remaining:
+ description: The number of remaining requests in the current period
+ type: integer
+X-Rate-Limit-Reset:
+ description: The number of seconds left in the current period
+ type: integer
+Example Object
+Patterned Fields
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ {mime type}
+Any
+The name of the property MUST be one of the Operation
+produces values (either implicit or inherited). The value SHOULD be an example of what such a response would look like.Example Object Example
+
+{
+ "application/json": {
+ "name": "Puma",
+ "type": "Dog",
+ "color": "Black",
+ "gender": "Female",
+ "breed": "Mixed"
+ }
+}
+
+application/json:
+ name: Puma
+ type: Dog
+ color: Black
+ gender: Female
+ breed: Mixed
+Header Object
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ description
+stringA short description of the header.
+
+
+ type
+stringRequired. The type of the object. The value MUST be one of
+"string", "number", "integer", "boolean", or "array".
+
+ format
+stringThe extending format for the previously mentioned
+type. See Data Type Formats for further details.
+
+ items
+Items Object
+Required if
+type is “array”. Describes the type of items in the array.
+
+ collectionFormat
+stringDetermines the format of the array if type array is used. Possible values are:
+
Default value is csv - comma separated values foo,bar. ssv - space separated values foo bar. tsv - tab separated values foo\tbar. pipes - pipe separated values foo|bar. csv.
+
+ default
+*
+Declares the value of the header that the server will use if none is provided. (Note: “default” has no meaning for required headers.) See https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-6.2. Unlike JSON Schema this value MUST conform to the defined
+type for the header.
+
+ maximum
+numberSee https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.1.2.
+
+
+ exclusiveMaximum
+booleanSee https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.1.2.
+
+
+ minimum
+numberSee https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.1.3.
+
+
+ exclusiveMinimum
+booleanSee https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.1.3.
+
+
+ maxLength
+integerSee https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.2.1.
+
+
+ minLength
+integerSee https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.2.2.
+
+
+ pattern
+stringSee https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.2.3.
+
+
+ maxItems
+integerSee https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.3.2.
+
+
+ minItems
+integerSee https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.3.3.
+
+
+ uniqueItems
+booleanhttps://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.3.4.
+
+
+ enum
+[*]
+See https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.5.1.
+
+
+
+ multipleOf
+numberSee https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.1.1.
+Patterned Objects
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ ^x-
+Any
+Allows extensions to the Swagger Schema. The field name MUST begin with
+x-, for example, x-internal-id. The value can be null, a primitive, an array or an object. See Vendor Extensions for further details.Header Object Example
+
+{
+ "description": "The number of allowed requests in the current period",
+ "type": "integer"
+}
+
+description: The number of allowed requests in the current period
+type: integer
+Tag Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ name
+stringRequired. The name of the tag.
+
+
+ description
+stringA short description for the tag. GFM syntax can be used for rich text representation.
+
+
+
+ externalDocs
+External Documentation Object
+Additional external documentation for this tag.
+Patterned Fields
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ ^x-
+Any
+Allows extensions to the Swagger Schema. The field name MUST begin with
+x-, for example, x-internal-id. The value can be null, a primitive, an array or an object. See Vendor Extensions for further details.Tag Object Example
+
+{
+ "name": "pet",
+ "description": "Pets operations"
+}
+
+name: pet
+description: Pets operations
+Reference Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+
+ $ref
+stringRequired. The reference string.
+Reference Object Example
+
+{
+ "$ref": "#/definitions/Pet"
+}
+
+$ref: '#/definitions/Pet'
+Relative Schema File Example
+
+{
+ "$ref": "Pet.json"
+}
+
+$ref: 'Pet.yaml'
+Relative Files With Embedded Schema Example
+
+{
+ "$ref": "definitions.json#/Pet"
+}
+
+$ref: 'definitions.yaml#/Pet'
+Schema Object
+
+
+
+
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ discriminator
+stringAdds support for polymorphism. The discriminator is the schema property name that is used to differentiate between other schema that inherit this schema. The property name used MUST be defined at this schema and it MUST be in the
+required property list. When used, the value MUST be the name of this schema or any schema that inherits it.
+
+ readOnly
+booleanRelevant only for Schema
+"properties" definitions. Declares the property as “read only”. This means that it MAY be sent as part of a response but MUST NOT be sent as part of the request. Properties marked as readOnly being true SHOULD NOT be in the required list of the defined schema. Default value is false.
+
+ xml
+XML Object
+This MAY be used only on properties schemas. It has no effect on root schemas. Adds Additional metadata to describe the XML representation format of this property.
+
+
+ externalDocs
+External Documentation Object
+Additional external documentation for this schema.
+
+
+
+ example
+Any
+A free-form property to include an example of an instance for this schema.
+Patterned Objects
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ ^x-
+Any
+Allows extensions to the Swagger Schema. The field name MUST begin with
+x-, for example, x-internal-id. The value can be null, a primitive, an array or an object. See Vendor Extensions for further details.Composition and Inheritance (Polymorphism)
+allOf property of JSON Schema, in effect offering model composition. allOf takes in an array of object definitions that are validated independently but together compose a single object.discriminator field. When used, the discriminator will be the name of the property used to decide which schema definition is used to validate the structure of the model. As such, the discriminator field MUST be a required field. The value of the chosen property has to be the friendly name given to the model under the definitions property. As such, inline schema definitions, which do not have a given id, cannot be used in polymorphism.XML Modeling
+Schema Object Examples
+Primitive Sample
+
+{
+ "type": "string",
+ "format": "email"
+}
+
+type: string
+format: email
+Simple Model
+
+{
+ "type": "object",
+ "required": [
+ "name"
+ ],
+ "properties": {
+ "name": {
+ "type": "string"
+ },
+ "address": {
+ "$ref": "#/definitions/Address"
+ },
+ "age": {
+ "type": "integer",
+ "format": "int32",
+ "minimum": 0
+ }
+ }
+}
+
+type: object
+required:
+- name
+properties:
+ name:
+ type: string
+ address:
+ $ref: '#/definitions/Address'
+ age:
+ type: integer
+ format: int32
+ minimum: 0
+Model with Map/Dictionary Properties
+
+{
+ "type": "object",
+ "additionalProperties": {
+ "type": "string"
+ }
+}
+
+type: object
+additionalProperties:
+ type: string
+
+{
+ "type": "object",
+ "additionalProperties": {
+ "$ref": "#/definitions/ComplexModel"
+ }
+}
+
+type: object
+additionalProperties:
+ $ref: '#/definitions/ComplexModel'
+Model with Example
+
+{
+ "type": "object",
+ "properties": {
+ "id": {
+ "type": "integer",
+ "format": "int64"
+ },
+ "name": {
+ "type": "string"
+ }
+ },
+ "required": [
+ "name"
+ ],
+ "example": {
+ "name": "Puma",
+ "id": 1
+ }
+}
+
+type: object
+properties:
+ id:
+ type: integer
+ format: int64
+ name:
+ type: string
+required:
+- name
+example:
+ name: Puma
+ id: 1
+Models with Composition
+
+{
+ "definitions": {
+ "ErrorModel": {
+ "type": "object",
+ "required": [
+ "message",
+ "code"
+ ],
+ "properties": {
+ "message": {
+ "type": "string"
+ },
+ "code": {
+ "type": "integer",
+ "minimum": 100,
+ "maximum": 600
+ }
+ }
+ },
+ "ExtendedErrorModel": {
+ "allOf": [
+ {
+ "$ref": "#/definitions/ErrorModel"
+ },
+ {
+ "type": "object",
+ "required": [
+ "rootCause"
+ ],
+ "properties": {
+ "rootCause": {
+ "type": "string"
+ }
+ }
+ }
+ ]
+ }
+ }
+}
+
+definitions:
+ ErrorModel:
+ type: object
+ required:
+ - message
+ - code
+ properties:
+ message:
+ type: string
+ code:
+ type: integer
+ minimum: 100
+ maximum: 600
+ ExtendedErrorModel:
+ allOf:
+ - $ref: '#/definitions/ErrorModel'
+ - type: object
+ required:
+ - rootCause
+ properties:
+ rootCause:
+ type: string
+Models with Polymorphism Support
+
+{
+ "definitions": {
+ "Pet": {
+ "type": "object",
+ "discriminator": "petType",
+ "properties": {
+ "name": {
+ "type": "string"
+ },
+ "petType": {
+ "type": "string"
+ }
+ },
+ "required": [
+ "name",
+ "petType"
+ ]
+ },
+ "Cat": {
+ "description": "A representation of a cat",
+ "allOf": [
+ {
+ "$ref": "#/definitions/Pet"
+ },
+ {
+ "type": "object",
+ "properties": {
+ "huntingSkill": {
+ "type": "string",
+ "description": "The measured skill for hunting",
+ "default": "lazy",
+ "enum": [
+ "clueless",
+ "lazy",
+ "adventurous",
+ "aggressive"
+ ]
+ }
+ },
+ "required": [
+ "huntingSkill"
+ ]
+ }
+ ]
+ },
+ "Dog": {
+ "description": "A representation of a dog",
+ "allOf": [
+ {
+ "$ref": "#/definitions/Pet"
+ },
+ {
+ "type": "object",
+ "properties": {
+ "packSize": {
+ "type": "integer",
+ "format": "int32",
+ "description": "the size of the pack the dog is from",
+ "default": 0,
+ "minimum": 0
+ }
+ },
+ "required": [
+ "packSize"
+ ]
+ }
+ ]
+ }
+ }
+}
+
+definitions:
+ Pet:
+ type: object
+ discriminator: petType
+ properties:
+ name:
+ type: string
+ petType:
+ type: string
+ required:
+ - name
+ - petType
+ Cat:
+ description: A representation of a cat
+ allOf:
+ - $ref: '#/definitions/Pet'
+ - type: object
+ properties:
+ huntingSkill:
+ type: string
+ description: The measured skill for hunting
+ default: lazy
+ enum:
+ - clueless
+ - lazy
+ - adventurous
+ - aggressive
+ required:
+ - huntingSkill
+ Dog:
+ description: A representation of a dog
+ allOf:
+ - $ref: '#/definitions/Pet'
+ - type: object
+ properties:
+ packSize:
+ type: integer
+ format: int32
+ description: the size of the pack the dog is from
+ default: 0
+ minimum: 0
+ required:
+ - packSize
+XML Object
+name property should be used to add that information. See examples for expected behavior.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ name
+stringReplaces the name of the element/attribute used for the described schema property. When defined within the Items Object (
+items), it will affect the name of the individual XML elements within the list. When defined alongside type being array (outside the items), it will affect the wrapping element and only if wrapped is true. If wrapped is false, it will be ignored.
+
+ namespace
+stringThe URL of the namespace definition. Value SHOULD be in the form of a URL.
+
+
+ prefix
+stringThe prefix to be used for the name.
+
+
+ attribute
+booleanDeclares whether the property definition translates to an attribute instead of an element. Default value is
+false.
+
+
+ wrapped
+booleanMAY be used only for an array definition. Signifies whether the array is wrapped (for example,
+<books><book/><book/></books>) or unwrapped (<book/><book/>). Default value is false. The definition takes effect only when defined alongside type being array (outside the items).Patterned Objects
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ ^x-
+Any
+Allows extensions to the Swagger Schema. The field name MUST begin with
+x-, for example, x-internal-id. The value can be null, a primitive, an array or an object. See Vendor Extensions for further details.XML Object Examples
+No XML Element
+
+{
+ "animals": {
+ "type": "string"
+ }
+}
+
+animals:
+ type: string
+
+<animals>...</animals>
+wrapped is false by default):
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+
+<animals>...</animals>
+<animals>...</animals>
+<animals>...</animals>
+XML Name Replacement
+
+{
+ "animals": {
+ "type": "string",
+ "xml": {
+ "name": "animal"
+ }
+ }
+}
+
+animals:
+ type: string
+ xml:
+ name: animal
+
+<animal>...</animal>
+XML Attribute, Prefix and Namespace
+
+{
+ "Person": {
+ "type": "object",
+ "properties": {
+ "id": {
+ "type": "integer",
+ "format": "int32",
+ "xml": {
+ "attribute": true
+ }
+ },
+ "name": {
+ "type": "string",
+ "xml": {
+ "namespace": "http://swagger.io/schema/sample",
+ "prefix": "sample"
+ }
+ }
+ }
+ }
+}
+
+Person:
+ type: object
+ properties:
+ id:
+ type: integer
+ format: int32
+ xml:
+ attribute: true
+ name:
+ type: string
+ xml:
+ namespace: http://swagger.io/schema/sample
+ prefix: sample
+
+<Person id="123">
+ <sample:name xmlns:sample="http://swagger.io/schema/sample">example</sample:name>
+</Person>
+XML Arrays
+
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "xml": {
+ "name": "animal"
+ }
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ name: animal
+
+<animal>value</animal>
+<animal>value</animal>
+name property has no effect on the XML:
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "xml": {
+ "name": "animal"
+ }
+ },
+ "xml": {
+ "name": "aliens"
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ name: animal
+ xml:
+ name: aliens
+
+<animal>value</animal>
+<animal>value</animal>
+
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ },
+ "xml": {
+ "wrapped": true
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ wrapped: true
+
+<animals>
+ <animals>value</animals>
+ <animals>value</animals>
+</animals>
+
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "xml": {
+ "name": "animal"
+ }
+ },
+ "xml": {
+ "wrapped": true
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ name: animal
+ xml:
+ wrapped: true
+
+<animals>
+ <animal>value</animal>
+ <animal>value</animal>
+</animals>
+
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "xml": {
+ "name": "animal"
+ }
+ },
+ "xml": {
+ "name": "aliens",
+ "wrapped": true
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ name: animal
+ xml:
+ name: aliens
+ wrapped: true
+
+<aliens>
+ <animal>value</animal>
+ <animal>value</animal>
+</aliens>
+
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ },
+ "xml": {
+ "name": "aliens",
+ "wrapped": true
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ name: aliens
+ wrapped: true
+
+<aliens>
+ <aliens>value</aliens>
+ <aliens>value</aliens>
+</aliens>
+Definitions Object
+Patterned Fields
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ {name}
+Schema Object
+A single definition, mapping a “name” to the schema it defines.
+Definitions Object Example
+
+{
+ "Category": {
+ "type": "object",
+ "properties": {
+ "id": {
+ "type": "integer",
+ "format": "int64"
+ },
+ "name": {
+ "type": "string"
+ }
+ }
+ },
+ "Tag": {
+ "type": "object",
+ "properties": {
+ "id": {
+ "type": "integer",
+ "format": "int64"
+ },
+ "name": {
+ "type": "string"
+ }
+ }
+ }
+}
+
+Category:
+ type: object
+ properties:
+ id:
+ type: integer
+ format: int64
+ name:
+ type: string
+Tag:
+ type: object
+ properties:
+ id:
+ type: integer
+ format: int64
+ name:
+ type: string
+Parameters Definitions Object
+Patterned Fields
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ {name}
+Parameter Object
+A single parameter definition, mapping a “name” to the parameter it defines.
+Parameters Definition Object Example
+
+{
+ "skipParam": {
+ "name": "skip",
+ "in": "query",
+ "description": "number of items to skip",
+ "required": true,
+ "type": "integer",
+ "format": "int32"
+ },
+ "limitParam": {
+ "name": "limit",
+ "in": "query",
+ "description": "max records to return",
+ "required": true,
+ "type": "integer",
+ "format": "int32"
+ }
+}
+
+skipParam:
+ name: skip
+ in: query
+ description: number of items to skip
+ required: true
+ type: integer
+ format: int32
+limitParam:
+ name: limit
+ in: query
+ description: max records to return
+ required: true
+ type: integer
+ format: int32
+Responses Definitions Object
+Patterned Fields
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ {name}
+Response Object
+A single response definition, mapping a “name” to the response it defines.
+Responses Definitions Object Example
+
+{
+ "NotFound": {
+ "description": "Entity not found."
+ },
+ "IllegalInput": {
+ "description": "Illegal input for operation."
+ },
+ "GeneralError": {
+ "description": "General Error",
+ "schema": {
+ "$ref": "#/definitions/GeneralError"
+ }
+ }
+}
+
+NotFound:
+ description: Entity not found.
+IllegalInput:
+ description: Illegal input for operation.
+GeneralError:
+ description: General Error
+ schema:
+ $ref: '#/definitions/GeneralError'
+Security Definitions Object
+Patterned Fields
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ {name}
+Security Scheme Object
+A single security scheme definition, mapping a “name” to the scheme it defines.
+Security Definitions Object Example
+
+{
+ "api_key": {
+ "type": "apiKey",
+ "name": "api_key",
+ "in": "header"
+ },
+ "petstore_auth": {
+ "type": "oauth2",
+ "authorizationUrl": "http://swagger.io/api/oauth/dialog",
+ "flow": "implicit",
+ "scopes": {
+ "write:pets": "modify pets in your account",
+ "read:pets": "read your pets"
+ }
+ }
+}
+
+api_key:
+ type: apiKey
+ name: api_key
+ in: header
+petstore_auth:
+ type: oauth2
+ authorizationUrl: http://swagger.io/api/oauth/dialog
+ flow: implicit
+ scopes:
+ write:pets: modify pets in your account
+ read:pets: read your pets
+Security Scheme Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Validity
+Description
+
+
+ type
+stringAny
+Required. The type of the security scheme. Valid values are
+"basic", "apiKey" or "oauth2".
+
+ description
+stringAny
+A short description for security scheme.
+
+
+ name
+stringapiKeyRequired. The name of the header or query parameter to be used.
+
+
+ in
+stringapiKeyRequired The location of the API key. Valid values are
+"query" or "header".
+
+ flow
+stringoauth2Required. The flow used by the OAuth2 security scheme. Valid values are
+"implicit", "password", "application" or "accessCode".
+
+ authorizationUrl
+stringoauth2 ("implicit", "accessCode")Required. The authorization URL to be used for this flow. This SHOULD be in the form of a URL.
+
+
+ tokenUrl
+stringoauth2 ("password", "application", "accessCode")Required. The token URL to be used for this flow. This SHOULD be in the form of a URL.
+
+
+
+ scopes
+Scopes Object
+oauth2Required. The available scopes for the OAuth2 security scheme.
+Patterned Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+
+ ^x-
+Any
+Allows extensions to the Swagger Schema. The field name MUST begin with
+x-, for example, x-internal-id. The value can be null, a primitive, an array or an object. See Vendor Extensions for further details.Security Scheme Object Example
+Basic Authentication Sample
+
+{
+ "type": "basic"
+}
+
+type: basic
+API Key Sample
+
+{
+ "type": "apiKey",
+ "name": "api_key",
+ "in": "header"
+}
+
+type: apiKey
+name: api_key
+in: header
+Implicit OAuth2 Sample
+
+{
+ "type": "oauth2",
+ "authorizationUrl": "http://swagger.io/api/oauth/dialog",
+ "flow": "implicit",
+ "scopes": {
+ "write:pets": "modify pets in your account",
+ "read:pets": "read your pets"
+ }
+}
+
+type: oauth2
+authorizationUrl: http://swagger.io/api/oauth/dialog
+flow: implicit
+scopes:
+ write:pets: modify pets in your account
+ read:pets: read your pets
+Scopes Object
+Patterned Fields
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ {name}
+stringMaps between a name of a scope to a short description of it (as the value of the property).
+Patterned Objects
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ ^x-
+Any
+Allows extensions to the Swagger Schema. The field name MUST begin with
+x-, for example, x-internal-id. The value can be null, a primitive, an array or an object. See Vendor Extensions for further details.Scopes Object Example
+
+{
+ "write:pets": "modify pets in your account",
+ "read:pets": "read your pets"
+}
+
+write:pets: modify pets in your account
+read:pets: read your pets
+Security Requirement Object
+Patterned Fields
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ {name}
+[
+string]Each name must correspond to a security scheme which is declared in the Security Definitions. If the security scheme is of type
+"oauth2", then the value is a list of scope names required for the execution. For other security scheme types, the array MUST be empty.Security Requirement Object Examples
+Non-OAuth2 Security Requirement
+
+{
+ "api_key": []
+}
+
+api_key: []
+OAuth2 Security Requirement
+
+{
+ "petstore_auth": [
+ "write:pets",
+ "read:pets"
+ ]
+}
+
+petstore_auth:
+- write:pets
+- read:pets
+Specification Extensions
+"x-" and can have any valid JSON format value.Security Filtering
+
+
+
diff --git a/docs/oas/v3.0.0.html b/docs/oas/v3.0.0.html
new file mode 100644
index 0000000000..21858ba5e6
--- /dev/null
+++ b/docs/oas/v3.0.0.html
@@ -0,0 +1,4093 @@
+OpenAPI Specification v3.0.0
Status of This Document
The source-of-truth for the specification is the GitHub markdown file referenced above.OpenAPI Specification
+Version 3.0.0
+Introduction
+Definitions
+OpenAPI Document
+Path Templating
+Media Types
+
+
+ text/plain; charset=utf-8
+ application/json
+ application/vnd.github+json
+ application/vnd.github.v3+json
+ application/vnd.github.v3.raw+json
+ application/vnd.github.v3.text+json
+ application/vnd.github.v3.html+json
+ application/vnd.github.v3.full+json
+ application/vnd.github.v3.diff
+ application/vnd.github.v3.patch
+HTTP Status Codes
+Specification
+Versions
+major.minor portion of the semver (for example 3.0) SHALL designate the OAS feature set. Typically, .patch versions address errors in this document, not the feature set. Tooling which supports OAS 3.0 SHOULD be compatible with all OAS 3.0.* versions. The patch version SHOULD NOT be considered by tooling, making no distinction between 3.0.0 and 3.0.1 for example.minor version number) SHOULD NOT interfere with tooling developed to a lower minor version and same major version. Thus a hypothetical 3.1.0 specification SHOULD be usable with tooling designed for 3.0.0.openapi field which designates the semantic version of the OAS that it uses. (OAS 2.0 documents contain a top-level version field named swagger and value "2.0".)Format
+
+{
+ "field": [ 1, 2, 3 ]
+}
+
+
+Document Structure
+$ref fields MUST be used in the specification to reference those parts as follows from the JSON Schema definitions.openapi.json or openapi.yaml.Data Types
+integer as a type is also supported and is defined as a JSON number without a fraction or exponent part.
+null is not supported as a type (see nullable for an alternative solution).
+Models are defined using the Schema Object, which is an extended subset of JSON Schema Specification Wright Draft 00.format.
+OAS uses several known formats to define in fine detail the data type being used.
+However, to support documentation needs, the format property is an open string-valued property, and can have any value.
+Formats such as "email", "uuid", and so on, MAY be used even though undefined by this specification.
+Types that are not accompanied by a format property follow the type definition in the JSON Schema. Tools that do not recognize a specific format MAY default back to the type alone, as if the format is not specified.
+
+
+
+
+
+
+Common Name
+typeformatComments
+
+
+integer
+integerint32signed 32 bits
+
+
+long
+integerint64signed 64 bits
+
+
+float
+numberfloat
+
+
+double
+numberdouble
+
+
+string
+string
+
+
+
+byte
+stringbytebase64 encoded characters
+
+
+binary
+stringbinaryany sequence of octets
+
+
+boolean
+boolean
+
+
+
+date
+stringdateAs defined by
+full-date - [!RFC3339]
+
+dateTime
+stringdate-timeAs defined by
+date-time - [!RFC3339]
+
+
+password
+stringpasswordA hint to UIs to obscure input.
+Rich Text Formatting
+description fields are noted as supporting CommonMark markdown formatting.
+Where OpenAPI tooling renders rich text it MUST support, at a minimum, markdown syntax as described by CommonMark 0.27. Tooling MAY choose to ignore some CommonMark features to address security concerns.Relative References in URLs
+Server Object as a Base URI.$ref are processed as per JSON Reference, using the URL of the current document as the base URI. See also the Reference Object.Schema
+OpenAPI Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ openapi
+stringREQUIRED. This string MUST be the semantic version number of the OpenAPI Specification version that the OpenAPI document uses. The
+openapi field SHOULD be used by tooling specifications and clients to interpret the OpenAPI document. This is not related to the API info.version string.
+
+ info
+Info Object
+REQUIRED. Provides metadata about the API. The metadata MAY be used by tooling as required.
+
+
+ servers
+[Server Object]
+An array of Server Objects, which provide connectivity information to a target server. If the
+servers property is not provided, or is an empty array, the default value would be a Server Object with a url value of /.
+
+ paths
+Paths Object
+REQUIRED. The available paths and operations for the API.
+
+
+ components
+Components Object
+An element to hold various schemas for the specification.
+
+
+ security
+[Security Requirement Object]
+A declaration of which security mechanisms can be used across the API. The list of values includes alternative security requirement objects that can be used. Only one of the security requirement objects need to be satisfied to authorize a request. Individual operations can override this definition.
+
+
+ tags
+[Tag Object]
+A list of tags used by the specification with additional metadata. The order of the tags can be used to reflect on their order by the parsing tools. Not all tags that are used by the Operation Object must be declared. The tags that are not declared MAY be organized randomly or based on the tools’ logic. Each tag name in the list MUST be unique.
+
+
+
+ externalDocs
+External Documentation Object
+Additional external documentation.
+Info Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ title
+stringREQUIRED. The title of the application.
+
+
+ description
+stringA short description of the application. CommonMark syntax MAY be used for rich text representation.
+
+
+ termsOfService
+stringA URL to the Terms of Service for the API. MUST be in the format of a URL.
+
+
+ contact
+Contact Object
+The contact information for the exposed API.
+
+
+ license
+License Object
+The license information for the exposed API.
+
+
+
+ version
+stringREQUIRED. The version of the OpenAPI document (which is distinct from the OpenAPI Specification version or the API implementation version).
+Info Object Example:
+
+{
+ "title": "Sample Pet Store App",
+ "description": "This is a sample server for a pet store.",
+ "termsOfService": "http://example.com/terms/",
+ "contact": {
+ "name": "API Support",
+ "url": "http://www.example.com/support",
+ "email": "support@example.com"
+ },
+ "license": {
+ "name": "Apache 2.0",
+ "url": "http://www.apache.org/licenses/LICENSE-2.0.html"
+ },
+ "version": "1.0.1"
+}
+
+title: Sample Pet Store App
+description: This is a sample server for a pet store.
+termsOfService: http://example.com/terms/
+contact:
+ name: API Support
+ url: http://www.example.com/support
+ email: support@example.com
+license:
+ name: Apache 2.0
+ url: http://www.apache.org/licenses/LICENSE-2.0.html
+version: 1.0.1
+Contact Object
+Fixed Fields
+Contact Object Example:
+
+{
+ "name": "API Support",
+ "url": "http://www.example.com/support",
+ "email": "support@example.com"
+}
+
+name: API Support
+url: http://www.example.com/support
+email: support@example.com
+License Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ name
+stringREQUIRED. The license name used for the API.
+
+
+
+ url
+stringA URL to the license used for the API. MUST be in the format of a URL.
+License Object Example:
+
+{
+ "name": "Apache 2.0",
+ "url": "http://www.apache.org/licenses/LICENSE-2.0.html"
+}
+
+name: Apache 2.0
+url: http://www.apache.org/licenses/LICENSE-2.0.html
+Server Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ url
+stringREQUIRED. A URL to the target host. This URL supports Server Variables and MAY be relative, to indicate that the host location is relative to the location where the OpenAPI document is being served. Variable substitutions will be made when a variable is named in
+{brackets}.
+
+ description
+stringAn optional string describing the host designated by the URL. CommonMark syntax MAY be used for rich text representation.
+
+
+
+ variables
+Map[
+string, Server Variable Object]A map between a variable name and its value. The value is used for substitution in the server’s URL template.
+Server Object Example
+
+{
+ "url": "https://development.gigantic-server.com/v1",
+ "description": "Development server"
+}
+
+url: https://development.gigantic-server.com/v1
+description: Development server
+servers:
+{
+ "servers": [
+ {
+ "url": "https://development.gigantic-server.com/v1",
+ "description": "Development server"
+ },
+ {
+ "url": "https://staging.gigantic-server.com/v1",
+ "description": "Staging server"
+ },
+ {
+ "url": "https://api.gigantic-server.com/v1",
+ "description": "Production server"
+ }
+ ]
+}
+
+servers:
+- url: https://development.gigantic-server.com/v1
+ description: Development server
+- url: https://staging.gigantic-server.com/v1
+ description: Staging server
+- url: https://api.gigantic-server.com/v1
+ description: Production server
+
+{
+ "servers": [
+ {
+ "url": "https://{username}.gigantic-server.com:{port}/{basePath}",
+ "description": "The production API server",
+ "variables": {
+ "username": {
+ "default": "demo",
+ "description": "this value is assigned by the service provider, in this example `gigantic-server.com`"
+ },
+ "port": {
+ "enum": [
+ "8443",
+ "443"
+ ],
+ "default": "8443"
+ },
+ "basePath": {
+ "default": "v2"
+ }
+ }
+ }
+ ]
+}
+
+servers:
+- url: https://{username}.gigantic-server.com:{port}/{basePath}
+ description: The production API server
+ variables:
+ username:
+ # note! no enum here means it is an open value
+ default: demo
+ description: this value is assigned by the service provider, in this example `gigantic-server.com`
+ port:
+ enum:
+ - '8443'
+ - '443'
+ default: '8443'
+ basePath:
+ # open meaning there is the opportunity to use special base paths as assigned by the provider, default is `v2`
+ default: v2
+Server Variable Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ enum
+[
+string]An enumeration of string values to be used if the substitution options are from a limited set.
+
+
+ default
+stringREQUIRED. The default value to use for substitution, and to send, if an alternate value is not supplied. Unlike the Schema Object’s
+default, this value MUST be provided by the consumer.
+
+
+ description
+stringAn optional description for the server variable. CommonMark syntax MAY be used for rich text representation.
+Components Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ schemas
+Map[
+string, Schema Object | Reference Object]An object to hold reusable Schema Objects.
+
+
+ responses
+Map[
+string, Response Object | Reference Object]An object to hold reusable Response Objects.
+
+
+ parameters
+Map[
+string, Parameter Object | Reference Object]An object to hold reusable Parameter Objects.
+
+
+ examples
+Map[
+string, Example Object | Reference Object]An object to hold reusable Example Objects.
+
+
+ requestBodies
+Map[
+string, Request Body Object | Reference Object]An object to hold reusable Request Body Objects.
+
+
+ headers
+Map[
+string, Header Object | Reference Object]An object to hold reusable Header Objects.
+
+
+ securitySchemes
+Map[
+string, Security Scheme Object | Reference Object]An object to hold reusable Security Scheme Objects.
+
+
+ links
+Map[
+string, Link Object | Reference Object]An object to hold reusable Link Objects.
+
+
+
+ callbacks
+Map[
+string, Callback Object | Reference Object]An object to hold reusable Callback Objects.
+^[a-zA-Z0-9\.\-_]+$.
+
+User
+User_1
+User_Name
+user-name
+my.org.User
+Components Object Example
+
+"components": {
+ "schemas": {
+ "Category": {
+ "type": "object",
+ "properties": {
+ "id": {
+ "type": "integer",
+ "format": "int64"
+ },
+ "name": {
+ "type": "string"
+ }
+ }
+ },
+ "Tag": {
+ "type": "object",
+ "properties": {
+ "id": {
+ "type": "integer",
+ "format": "int64"
+ },
+ "name": {
+ "type": "string"
+ }
+ }
+ }
+ },
+ "parameters": {
+ "skipParam": {
+ "name": "skip",
+ "in": "query",
+ "description": "number of items to skip",
+ "required": true,
+ "schema": {
+ "type": "integer",
+ "format": "int32"
+ }
+ },
+ "limitParam": {
+ "name": "limit",
+ "in": "query",
+ "description": "max records to return",
+ "required": true,
+ "schema" : {
+ "type": "integer",
+ "format": "int32"
+ }
+ }
+ },
+ "responses": {
+ "NotFound": {
+ "description": "Entity not found."
+ },
+ "IllegalInput": {
+ "description": "Illegal input for operation."
+ },
+ "GeneralError": {
+ "description": "General Error",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GeneralError"
+ }
+ }
+ }
+ }
+ },
+ "securitySchemes": {
+ "api_key": {
+ "type": "apiKey",
+ "name": "api_key",
+ "in": "header"
+ },
+ "petstore_auth": {
+ "type": "oauth2",
+ "flows": {
+ "implicit": {
+ "authorizationUrl": "http://example.org/api/oauth/dialog",
+ "scopes": {
+ "write:pets": "modify pets in your account",
+ "read:pets": "read your pets"
+ }
+ }
+ }
+ }
+ }
+}
+
+components:
+ schemas:
+ Category:
+ type: object
+ properties:
+ id:
+ type: integer
+ format: int64
+ name:
+ type: string
+ Tag:
+ type: object
+ properties:
+ id:
+ type: integer
+ format: int64
+ name:
+ type: string
+ parameters:
+ skipParam:
+ name: skip
+ in: query
+ description: number of items to skip
+ required: true
+ schema:
+ type: integer
+ format: int32
+ limitParam:
+ name: limit
+ in: query
+ description: max records to return
+ required: true
+ schema:
+ type: integer
+ format: int32
+ responses:
+ NotFound:
+ description: Entity not found.
+ IllegalInput:
+ description: Illegal input for operation.
+ GeneralError:
+ description: General Error
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GeneralError'
+ securitySchemes:
+ api_key:
+ type: apiKey
+ name: api_key
+ in: header
+ petstore_auth:
+ type: oauth2
+ flows:
+ implicit:
+ authorizationUrl: http://example.org/api/oauth/dialog
+ scopes:
+ write:pets: modify pets in your account
+ read:pets: read your pets
+Paths Object
+Server Object in order to construct the full URL. The Paths MAY be empty, due to ACL constraints.Patterned Fields
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ /{path}
+Path Item Object
+A relative path to an individual endpoint. The field name MUST begin with a slash. The path is appended (no relative URL resolution) to the expanded URL from the
+Server Object’s url field in order to construct the full URL. Path templating is allowed. When matching URLs, concrete (non-templated) paths would be matched before their templated counterparts. Templated paths with the same hierarchy but different templated names MUST NOT exist as they are identical. In case of ambiguous matching, it’s up to the tooling to decide which one to use.Path Templating Matching
+/pets/mine, will be matched first if used:
+
+ /pets/{petId}
+ /pets/mine
+
+
+ /pets/{petId}
+ /pets/{name}
+
+
+ /{entity}/me
+ /books/{id}
+Paths Object Example
+
+{
+ "/pets": {
+ "get": {
+ "description": "Returns all pets from the system that the user has access to",
+ "responses": {
+ "200": {
+ "description": "A list of pets.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/pet"
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+}
+
+/pets:
+ get:
+ description: Returns all pets from the system that the user has access to
+ responses:
+ '200':
+ description: A list of pets.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/pet'
+Path Item Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ $ref
+stringAllows for an external definition of this path item. The referenced structure MUST be in the format of a Path Item Object. If there are conflicts between the referenced definition and this Path Item’s definition, the behavior is undefined.
+
+
+ summary
+stringAn optional, string summary, intended to apply to all operations in this path.
+
+
+ description
+stringAn optional, string description, intended to apply to all operations in this path. CommonMark syntax MAY be used for rich text representation.
+
+
+ get
+Operation Object
+A definition of a GET operation on this path.
+
+
+ put
+Operation Object
+A definition of a PUT operation on this path.
+
+
+ post
+Operation Object
+A definition of a POST operation on this path.
+
+
+ delete
+Operation Object
+A definition of a DELETE operation on this path.
+
+
+ options
+Operation Object
+A definition of a OPTIONS operation on this path.
+
+
+ head
+Operation Object
+A definition of a HEAD operation on this path.
+
+
+ patch
+Operation Object
+A definition of a PATCH operation on this path.
+
+
+ trace
+Operation Object
+A definition of a TRACE operation on this path.
+
+
+ servers
+[Server Object]
+An alternative
+server array to service all operations in this path.
+
+
+ parameters
+[Parameter Object | Reference Object]
+A list of parameters that are applicable for all the operations described under this path. These parameters can be overridden at the operation level, but cannot be removed there. The list MUST NOT include duplicated parameters. A unique parameter is defined by a combination of a name and location. The list can use the Reference Object to link to parameters that are defined at the OpenAPI Object’s components/parameters.
+Path Item Object Example
+
+{
+ "get": {
+ "description": "Returns pets based on ID",
+ "summary": "Find pets by ID",
+ "operationId": "getPetsById",
+ "responses": {
+ "200": {
+ "description": "pet response",
+ "content": {
+ "*/*": {
+ "schema": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/Pet"
+ }
+ }
+ }
+ }
+ },
+ "default": {
+ "description": "error payload",
+ "content": {
+ "text/html": {
+ "schema": {
+ "$ref": "#/components/schemas/ErrorModel"
+ }
+ }
+ }
+ }
+ }
+ },
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of pet to use",
+ "required": true,
+ "schema": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "style": "simple"
+ }
+ ]
+}
+
+get:
+ description: Returns pets based on ID
+ summary: Find pets by ID
+ operationId: getPetsById
+ responses:
+ '200':
+ description: pet response
+ content:
+ '*/*' :
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/Pet'
+ default:
+ description: error payload
+ content:
+ 'text/html':
+ schema:
+ $ref: '#/components/schemas/ErrorModel'
+parameters:
+- name: id
+ in: path
+ description: ID of pet to use
+ required: true
+ schema:
+ type: array
+ style: simple
+ items:
+ type: string
+Operation Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ tags
+[
+string]A list of tags for API documentation control. Tags can be used for logical grouping of operations by resources or any other qualifier.
+
+
+ summary
+stringA short summary of what the operation does.
+
+
+ description
+stringA verbose explanation of the operation behavior. CommonMark syntax MAY be used for rich text representation.
+
+
+ externalDocs
+External Documentation Object
+Additional external documentation for this operation.
+
+
+ operationId
+stringUnique string used to identify the operation. The id MUST be unique among all operations described in the API. Tools and libraries MAY use the operationId to uniquely identify an operation, therefore, it is RECOMMENDED to follow common programming naming conventions.
+
+
+ parameters
+[Parameter Object | Reference Object]
+A list of parameters that are applicable for this operation. If a parameter is already defined at the Path Item, the new definition will override it but can never remove it. The list MUST NOT include duplicated parameters. A unique parameter is defined by a combination of a name and location. The list can use the Reference Object to link to parameters that are defined at the OpenAPI Object’s components/parameters.
+
+
+ requestBody
+Request Body Object | Reference Object
+The request body applicable for this operation. The
+requestBody is only supported in HTTP methods where the HTTP 1.1 specification [[!RFC7231]] has explicitly defined semantics for request bodies. In other cases where the HTTP spec is vague, requestBody SHALL be ignored by consumers.
+
+ responses
+Responses Object
+REQUIRED. The list of possible responses as they are returned from executing this operation.
+
+
+ callbacks
+Map[
+string, Callback Object | Reference Object]A map of possible out-of band callbacks related to the parent operation. The key is a unique identifier for the Callback Object. Each value in the map is a Callback Object that describes a request that may be initiated by the API provider and the expected responses. The key value used to identify the callback object is an expression, evaluated at runtime, that identifies a URL to use for the callback operation.
+
+
+ deprecated
+booleanDeclares this operation to be deprecated. Consumers SHOULD refrain from usage of the declared operation. Default value is
+false.
+
+ security
+[Security Requirement Object]
+A declaration of which security mechanisms can be used for this operation. The list of values includes alternative security requirement objects that can be used. Only one of the security requirement objects need to be satisfied to authorize a request. This definition overrides any declared top-level
+security. To remove a top-level security declaration, an empty array can be used.
+
+
+ servers
+[Server Object]
+An alternative
+server array to service this operation. If an alternative server object is specified at the Path Item Object or Root level, it will be overridden by this value.Operation Object Example
+
+{
+ "tags": [
+ "pet"
+ ],
+ "summary": "Updates a pet in the store with form data",
+ "operationId": "updatePetWithForm",
+ "parameters": [
+ {
+ "name": "petId",
+ "in": "path",
+ "description": "ID of pet that needs to be updated",
+ "required": true,
+ "schema": {
+ "type": "string"
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "type": "object",
+ "properties": {
+ "name": {
+ "description": "Updated name of the pet",
+ "type": "string"
+ },
+ "status": {
+ "description": "Updated status of the pet",
+ "type": "string"
+ }
+ },
+ "required": ["status"]
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Pet updated.",
+ "content": {
+ "application/json": {},
+ "application/xml": {}
+ }
+ },
+ "405": {
+ "description": "Invalid input",
+ "content": {
+ "application/json": {},
+ "application/xml": {}
+ }
+ }
+ },
+ "security": [
+ {
+ "petstore_auth": [
+ "write:pets",
+ "read:pets"
+ ]
+ }
+ ]
+}
+
+tags:
+- pet
+summary: Updates a pet in the store with form data
+operationId: updatePetWithForm
+parameters:
+- name: petId
+ in: path
+ description: ID of pet that needs to be updated
+ required: true
+ schema:
+ type: string
+requestBody:
+ content:
+ 'application/x-www-form-urlencoded':
+ schema:
+ properties:
+ name:
+ description: Updated name of the pet
+ type: string
+ status:
+ description: Updated status of the pet
+ type: string
+ required:
+ - status
+responses:
+ '200':
+ description: Pet updated.
+ content:
+ 'application/json': {}
+ 'application/xml': {}
+ '405':
+ description: Invalid input
+ content:
+ 'application/json': {}
+ 'application/xml': {}
+security:
+- petstore_auth:
+ - write:pets
+ - read:pets
+External Documentation Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ description
+stringA short description of the target documentation. CommonMark syntax MAY be used for rich text representation.
+
+
+
+ url
+stringREQUIRED. The URL for the target documentation. Value MUST be in the format of a URL.
+External Documentation Object Example
+
+{
+ "description": "Find more info here",
+ "url": "https://example.com"
+}
+
+description: Find more info here
+url: https://example.com
+Parameter Object
+Parameter Locations
+in field:
+
+/items/{itemId}, the path parameter is itemId./items?id=###, the query parameter is id.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ name
+stringREQUIRED. The name of the parameter. Parameter names are case sensitive.
+in is "path", the name field MUST correspond to the associated path segment from the path field in the Paths Object. See Path Templating for further information.in is "header" and the name field is "Accept", "Content-Type" or "Authorization", the parameter definition SHALL be ignored.name corresponds to the parameter name used by the in property.
+
+ in
+stringREQUIRED. The location of the parameter. Possible values are “query”, “header”, “path” or “cookie”.
+
+
+ description
+stringA brief description of the parameter. This could contain examples of use. CommonMark syntax MAY be used for rich text representation.
+
+
+ required
+booleanDetermines whether this parameter is mandatory. If the parameter location is “path”, this property is REQUIRED and its value MUST be
+true. Otherwise, the property MAY be included and its default value is false.
+
+ deprecated
+booleanSpecifies that a parameter is deprecated and SHOULD be transitioned out of usage.
+
+
+
+ allowEmptyValue
+booleanSets the ability to pass empty-valued parameters. This is valid only for
+query parameters and allows sending a parameter with an empty value. Default value is false. If style is used, and if behavior is n/a (cannot be serialized), the value of allowEmptyValue SHALL be ignored.schema and style can describe the structure and syntax of the parameter.
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ style
+stringDescribes how the parameter value will be serialized depending on the type of the parameter value. Default values (based on value of
+in): for query - form; for path - simple; for header - simple; for cookie - form.
+
+ explode
+booleanWhen this is true, parameter values of type
+array or object generate separate parameters for each value of the array or key-value pair of the map. For other types of parameters this property has no effect. When style is form, the default value is true. For all other styles, the default value is false.
+
+ allowReserved
+booleanDetermines whether the parameter value SHOULD allow reserved characters, as defined by [[!RFC3986]]
+:/?#[]@!$&'()*+,;= to be included without percent-encoding. This property only applies to parameters with an in value of query. The default value is false.
+
+ schema
+Schema Object | Reference Object
+The schema defining the type used for the parameter.
+
+
+ example
+Any
+Example of the media type. The example SHOULD match the specified schema and encoding properties if present. The
+example object is mutually exclusive of the examples object. Furthermore, if referencing a schema which contains an example, the example value SHALL override the example provided by the schema. To represent examples of media types that cannot naturally be represented in JSON or YAML, a string value can contain the example with escaping where necessary.
+
+
+ examples
+Map[
+string, Example Object | Reference Object]Examples of the media type. Each example SHOULD contain a value in the correct format as specified in the parameter encoding. The
+examples object is mutually exclusive of the example object. Furthermore, if referencing a schema which contains an example, the examples value SHALL override the example provided by the schema.content property can define the media type and schema of the parameter.
+A parameter MUST contain either a schema property, or a content property, but not both.
+When example or examples are provided in conjunction with the schema object, the example MUST follow the prescribed serialization strategy for the parameter.
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+
+ content
+Map[
+string, Media Type Object]A map containing the representations for the parameter. The key is the media type and the value describes it. The map MUST only contain one entry.
+Style Values
+style values are defined.
+
+
+
+
+
+
+styletypeinComments
+
+
+matrix
+primitive, array, objectpathPath-style parameters defined by [[!RFC6570]]
+
+
+label
+primitive, array, objectpathLabel style parameters defined by [[!RFC6570]]
+
+
+form
+primitive, array, objectquery, cookieForm style parameters defined by [[!RFC6570]]. This option replaces
+collectionFormat with a csv (when explode is false) or multi (when explode is true) value from OpenAPI 2.0.
+
+simple
+arraypath, headerSimple style parameters defined by [[!RFC6570]]. This option replaces
+collectionFormat with a csv value from OpenAPI 2.0.
+
+spaceDelimited
+arrayquerySpace separated array values. This option replaces
+collectionFormat equal to ssv from OpenAPI 2.0.
+
+pipeDelimited
+arrayqueryPipe separated array values. This option replaces
+collectionFormat equal to pipes from OpenAPI 2.0.
+
+
+deepObject
+objectqueryProvides a simple way of rendering nested objects using form parameters.
+Style Examples
+color has one of the following values:
+
+ string -> "blue"
+ array -> ["blue","black","brown"]
+ object -> { "R": 100, "G": 200, "B": 150 }
+
+
+
+
+
+
+
+styleexplodeemptystringarrayobject
+
+matrix
+false
+;color
+;color=blue
+;color=blue,black,brown
+;color=R,100,G,200,B,150
+
+
+matrix
+true
+;color
+;color=blue
+;color=blue;color=black;color=brown
+;R=100;G=200;B=150
+
+
+label
+false
+.
+.blue
+.blue.black.brown
+.R.100.G.200.B.150
+
+
+label
+true
+.
+.blue
+.blue.black.brown
+.R=100.G=200.B=150
+
+
+form
+false
+color=
+color=blue
+color=blue,black,brown
+color=R,100,G,200,B,150
+
+
+form
+true
+color=
+color=blue
+color=blue&color=black&color=brown
+R=100&G=200&B=150
+
+
+simple
+false
+n/a
+blue
+blue,black,brown
+R,100,G,200,B,150
+
+
+simple
+true
+n/a
+blue
+blue,black,brown
+R=100,G=200,B=150
+
+
+spaceDelimited
+false
+n/a
+n/a
+blue%20black%20brown
+R%20100%20G%20200%20B%20150
+
+
+pipeDelimited
+false
+n/a
+n/a
+blue|black|brown
+R|100|G|200
+
+
+
+deepObject
+true
+n/a
+n/a
+n/a
+color[R]=100&color[G]=200&color[B]=150
+Parameter Object Examples
+
+{
+ "name": "token",
+ "in": "header",
+ "description": "token to be passed as a header",
+ "required": true,
+ "schema": {
+ "type": "array",
+ "items": {
+ "type": "integer",
+ "format": "int64"
+ }
+ },
+ "style": "simple"
+}
+
+name: token
+in: header
+description: token to be passed as a header
+required: true
+schema:
+ type: array
+ items:
+ type: integer
+ format: int64
+style: simple
+
+{
+ "name": "username",
+ "in": "path",
+ "description": "username to fetch",
+ "required": true,
+ "schema": {
+ "type": "string"
+ }
+}
+
+name: username
+in: path
+description: username to fetch
+required: true
+schema:
+ type: string
+
+{
+ "name": "id",
+ "in": "query",
+ "description": "ID of the object to fetch",
+ "required": false,
+ "schema": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "style": "form",
+ "explode": true
+}
+
+name: id
+in: query
+description: ID of the object to fetch
+required: false
+schema:
+ type: array
+ items:
+ type: string
+style: form
+explode: true
+
+{
+ "in": "query",
+ "name": "freeForm",
+ "schema": {
+ "type": "object",
+ "additionalProperties": {
+ "type": "integer"
+ },
+ },
+ "style": "form"
+}
+
+in: query
+name: freeForm
+schema:
+ type: object
+ additionalProperties:
+ type: integer
+style: form
+content to define serialization:
+{
+ "in": "query",
+ "name": "coordinates",
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "object",
+ "required": [
+ "lat",
+ "long"
+ ],
+ "properties": {
+ "lat": {
+ "type": "number"
+ },
+ "long": {
+ "type": "number"
+ }
+ }
+ }
+ }
+ }
+}
+
+in: query
+name: coordinates
+content:
+ application/json:
+ schema:
+ type: object
+ required:
+ - lat
+ - long
+ properties:
+ lat:
+ type: number
+ long:
+ type: number
+Request Body Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ description
+stringA brief description of the request body. This could contain examples of use. CommonMark syntax MAY be used for rich text representation.
+
+
+ content
+Map[
+string, Media Type Object]REQUIRED. The content of the request body. The key is a media type or media type range and the value describes it. For requests that match multiple keys, only the most specific key is applicable. e.g. text/plain overrides text/*
+
+
+
+ required
+booleanDetermines if the request body is required in the request. Defaults to
+false.Request Body Examples
+
+{
+ "description": "user to add to the system",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/User"
+ },
+ "examples": {
+ "user" : {
+ "summary": "User Example",
+ "externalValue": "http://foo.bar/examples/user-example.json"
+ }
+ }
+ },
+ "application/xml": {
+ "schema": {
+ "$ref": "#/components/schemas/User"
+ },
+ "examples": {
+ "user" : {
+ "summary": "User example in XML",
+ "externalValue": "http://foo.bar/examples/user-example.xml"
+ }
+ }
+ },
+ "text/plain": {
+ "examples": {
+ "user" : {
+ "summary": "User example in Plain text",
+ "externalValue": "http://foo.bar/examples/user-example.txt"
+ }
+ }
+ },
+ "*/*": {
+ "examples": {
+ "user" : {
+ "summary": "User example in other format",
+ "externalValue": "http://foo.bar/examples/user-example.whatever"
+ }
+ }
+ }
+ }
+}
+
+description: user to add to the system
+content:
+ 'application/json':
+ schema:
+ $ref: '#/components/schemas/User'
+ examples:
+ user:
+ summary: User Example
+ externalValue: 'http://foo.bar/examples/user-example.json'
+ 'application/xml':
+ schema:
+ $ref: '#/components/schemas/User'
+ examples:
+ user:
+ summary: User Example in XML
+ externalValue: 'http://foo.bar/examples/user-example.xml'
+ 'text/plain':
+ examples:
+ user:
+ summary: User example in text plain format
+ externalValue: 'http://foo.bar/examples/user-example.txt'
+ '*/*':
+ examples:
+ user:
+ summary: User example in other format
+ externalValue: 'http://foo.bar/examples/user-example.whatever'
+
+{
+ "description": "user to add to the system",
+ "content": {
+ "text/plain": {
+ "schema": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ }
+ }
+ }
+}
+
+description: user to add to the system
+required: true
+content:
+ text/plain:
+ schema:
+ type: array
+ items:
+ type: string
+Media Type Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ schema
+Schema Object | Reference Object
+The schema defining the type used for the request body.
+
+
+ example
+Any
+Example of the media type. The example object SHOULD be in the correct format as specified by the media type. The
+example object is mutually exclusive of the examples object. Furthermore, if referencing a schema which contains an example, the example value SHALL override the example provided by the schema.
+
+ examples
+Map[
+string, Example Object | Reference Object]Examples of the media type. Each example object SHOULD match the media type and specified schema if present. The
+examples object is mutually exclusive of the example object. Furthermore, if referencing a schema which contains an example, the examples value SHALL override the example provided by the schema.
+
+
+ encoding
+Map[
+string, Encoding Object]A map between a property name and its encoding information. The key, being the property name, MUST exist in the schema as a property. The encoding object SHALL only apply to
+requestBody objects when the media type is multipart or application/x-www-form-urlencoded.Media Type Examples
+
+{
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/Pet"
+ },
+ "examples": {
+ "cat" : {
+ "summary": "An example of a cat",
+ "value":
+ {
+ "name": "Fluffy",
+ "petType": "Cat",
+ "color": "White",
+ "gender": "male",
+ "breed": "Persian"
+ }
+ },
+ "dog": {
+ "summary": "An example of a dog with a cat's name",
+ "value" : {
+ "name": "Puma",
+ "petType": "Dog",
+ "color": "Black",
+ "gender": "Female",
+ "breed": "Mixed"
+ },
+ "frog": {
+ "$ref": "#/components/examples/frog-example"
+ }
+ }
+ }
+ }
+}
+
+application/json:
+ schema:
+ $ref: "#/components/schemas/Pet"
+ examples:
+ cat:
+ summary: An example of a cat
+ value:
+ name: Fluffy
+ petType: Cat
+ color: White
+ gender: male
+ breed: Persian
+ dog:
+ summary: An example of a dog with a cat's name
+ value:
+ name: Puma
+ petType: Dog
+ color: Black
+ gender: Female
+ breed: Mixed
+ frog:
+ $ref: "#/components/examples/frog-example"
+Considerations for File Uploads
+file input/output content in OpenAPI is described with the same semantics as any other schema type. Specifically:
+# content transferred with base64 encoding
+schema:
+ type: string
+ format: base64
+
+# content transferred in binary (octet-stream):
+schema:
+ type: string
+ format: binary
+requestBody for submitting a file in a POST operation may look like the following example:
+requestBody:
+ content:
+ application/octet-stream:
+ # any media type is accepted, functionally equivalent to `*/*`
+ schema:
+ # a binary file of any type
+ type: string
+ format: binary
+
+# multiple, specific media types may be specified:
+requestBody:
+ content:
+ # a binary file of type png or jpeg
+ 'image/jpeg':
+ schema:
+ type: string
+ format: binary
+ 'image/png':
+ schema:
+ type: string
+ format: binary
+multipart media type MUST be used:
+requestBody:
+ content:
+ multipart/form-data:
+ schema:
+ properties:
+ # The property name 'file' will be used for all files.
+ file:
+ type: array
+ items:
+ type: string
+ format: binary
+
+Support for x-www-form-urlencoded Request Bodies
+
+requestBody:
+ content:
+ application/x-www-form-urlencoded:
+ schema:
+ type: object
+ properties:
+ id:
+ type: string
+ format: uuid
+ address:
+ # complex types are stringified to support RFC 1866
+ type: object
+ properties: {}
+requestBody MUST be stringified per [[!RFC1866]] when passed to the server. In addition, the address field complex object will be stringified.application/x-www-form-urlencoded content type, the default serialization strategy of such properties is described in the Encoding Object’s style property as form.Special Considerations for
+multipart Contentmultipart/form-data as a Content-Type when transferring request bodies to operations. In contrast to 2.0, a schema is REQUIRED to define the input parameters to the operation when using multipart content. This supports complex structures as well as supporting mechanisms for multiple file uploads.multipart types, boundaries MAY be used to separate sections of the content being transferred — thus, the following default Content-Types are defined for multipart:
+
+text/plainapplication/jsontype: string with format: binary or format: base64 (aka a file object), the default Content-Type is application/octet-stream
+requestBody:
+ content:
+ multipart/form-data:
+ schema:
+ type: object
+ properties:
+ id:
+ type: string
+ format: uuid
+ address:
+ # default Content-Type for objects is `application/json`
+ type: object
+ properties: {}
+ profileImage:
+ # default Content-Type for string/binary is `application/octet-stream`
+ type: string
+ format: binary
+ children:
+ # default Content-Type for arrays is based on the `inner` type (text/plain here)
+ type: array
+ items:
+ type: string
+ addresses:
+ # default Content-Type for arrays is based on the `inner` type (object shown, so `application/json` in this example)
+ type: array
+ items:
+ type: '#/components/schemas/Address'
+encoding attribute is introduced to give you control over the serialization of parts of multipart request bodies. This attribute is only applicable to multipart and application/x-www-form-urlencoded request bodies.Encoding Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ contentType
+stringThe Content-Type for encoding a specific property. Default value depends on the property type: for
+string with format being binary – application/octet-stream; for other primitive types – text/plain; for object - application/json; for array – the default is defined based on the inner type. The value can be a specific media type (e.g. application/json), a wildcard media type (e.g. image/*), or a comma-separated list of the two types.
+
+ headers
+Map[
+string, Header Object | Reference Object]A map allowing additional information to be provided as headers, for example
+Content-Disposition. Content-Type is described separately and SHALL be ignored in this section. This property SHALL be ignored if the request body media type is not a multipart.
+
+ style
+stringDescribes how a specific property value will be serialized depending on its type. See Parameter Object for details on the
+style property. The behavior follows the same values as query parameters, including default values. This property SHALL be ignored if the request body media type is not application/x-www-form-urlencoded.
+
+ explode
+booleanWhen this is true, property values of type
+array or object generate separate parameters for each value of the array, or key-value-pair of the map. For other types of properties this property has no effect. When style is form, the default value is true. For all other styles, the default value is false. This property SHALL be ignored if the request body media type is not application/x-www-form-urlencoded.
+
+
+ allowReserved
+booleanDetermines whether the parameter value SHOULD allow reserved characters, as defined by [[!RFC3986]]
+:/?#[]@!$&'()*+,;= to be included without percent-encoding. The default value is false. This property SHALL be ignored if the request body media type is not application/x-www-form-urlencoded.Encoding Object Example
+
+requestBody:
+ content:
+ multipart/mixed:
+ schema:
+ type: object
+ properties:
+ id:
+ # default is text/plain
+ type: string
+ format: uuid
+ address:
+ # default is application/json
+ type: object
+ properties: {}
+ historyMetadata:
+ # need to declare XML format!
+ description: metadata in XML format
+ type: object
+ properties: {}
+ profileImage:
+ # default is application/octet-stream, need to declare an image type only!
+ type: string
+ format: binary
+ encoding:
+ historyMetadata:
+ # require XML Content-Type in utf-8 encoding
+ contentType: application/xml; charset=utf-8
+ profileImage:
+ # only accept png/jpeg
+ contentType: image/png, image/jpeg
+ headers:
+ X-Rate-Limit-Limit:
+ description: The number of allowed requests in the current period
+ schema:
+ type: integer
+Responses Object
+default MAY be used as a default response object for all HTTP codes
+that are not covered individually by the specification.Responses Object MUST contain at least one response code, and it
+SHOULD be the response for a successful operation call.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+
+ default
+Response Object | Reference Object
+The documentation of responses other than the ones declared for specific HTTP response codes. Use this field to cover undeclared responses. A Reference Object can link to a response that the OpenAPI Object’s components/responses section defines.
+Patterned Fields
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ HTTP Status Code
+Response Object | Reference Object
+Any HTTP status code can be used as the property name, but only one property per code, to describe the expected response for that HTTP status code. A Reference Object can link to a response that is defined in the OpenAPI Object’s components/responses section. This field MUST be enclosed in quotation marks (for example, “200”) for compatibility between JSON and YAML. To define a range of response codes, this field MAY contain the uppercase wildcard character
+X. For example, 2XX represents all response codes between [200-299]. The following range definitions are allowed: 1XX, 2XX, 3XX, 4XX, and 5XX. If a response range is defined using an explicit code, the explicit code definition takes precedence over the range definition for that code.Responses Object Example
+
+{
+ "200": {
+ "description": "a pet to be returned",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/Pet"
+ }
+ }
+ }
+ },
+ "default": {
+ "description": "Unexpected error",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ErrorModel"
+ }
+ }
+ }
+ }
+}
+
+'200':
+ description: a pet to be returned
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Pet'
+default:
+ description: Unexpected error
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ErrorModel'
+Response Object
+links to operations based on the response.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ description
+stringREQUIRED. A short description of the response. CommonMark syntax MAY be used for rich text representation.
+
+
+ headers
+Map[
+string, Header Object | Reference Object]Maps a header name to its definition. [[!RFC7230]] states header names are case insensitive. If a response header is defined with the name
+"Content-Type", it SHALL be ignored.
+
+ content
+Map[
+string, Media Type Object]A map containing descriptions of potential response payloads. The key is a media type or media type range and the value describes it. For responses that match multiple keys, only the most specific key is applicable. e.g. text/plain overrides text/*
+
+
+
+ links
+Map[
+string, Link Object | Reference Object]A map of operations links that can be followed from the response. The key of the map is a short name for the link, following the naming constraints of the names for Component Objects.
+Response Object Examples
+
+{
+ "description": "A complex object array response",
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/VeryComplexType"
+ }
+ }
+ }
+ }
+}
+
+description: A complex object array response
+content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/VeryComplexType'
+
+{
+ "description": "A simple string response",
+ "content": {
+ "text/plain": {
+ "schema": {
+ "type": "string"
+ }
+ }
+ }
+
+}
+
+description: A simple string response
+representations:
+ text/plain:
+ schema:
+ type: string
+
+{
+ "description": "A simple string response",
+ "content": {
+ "text/plain": {
+ "schema": {
+ "type": "string"
+ }
+ }
+ },
+ "headers": {
+ "X-Rate-Limit-Limit": {
+ "description": "The number of allowed requests in the current period",
+ "schema": {
+ "type": "integer"
+ }
+ },
+ "X-Rate-Limit-Remaining": {
+ "description": "The number of remaining requests in the current period",
+ "schema": {
+ "type": "integer"
+ }
+ },
+ "X-Rate-Limit-Reset": {
+ "description": "The number of seconds left in the current period",
+ "schema": {
+ "type": "integer"
+ }
+ }
+ }
+}
+
+description: A simple string response
+content:
+ text/plain:
+ schema:
+ type: string
+ example: 'whoa!'
+headers:
+ X-Rate-Limit-Limit:
+ description: The number of allowed requests in the current period
+ schema:
+ type: integer
+ X-Rate-Limit-Remaining:
+ description: The number of remaining requests in the current period
+ schema:
+ type: integer
+ X-Rate-Limit-Reset:
+ description: The number of seconds left in the current period
+ schema:
+ type: integer
+
+{
+ "description": "object created"
+}
+
+description: object created
+Callback Object
+Patterned Fields
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ {expression}
+Path Item Object
+A Path Item Object used to define a callback request and expected responses. A complete example is available.
+Key Expression
+$request.body#/url.
+However, using a runtime expression the complete HTTP message can be accessed.
+This includes accessing any part of a body that a JSON Pointer [[!RFC6901]] can reference.
+POST /subscribe/myevent?queryUrl=http://clientdomain.com/stillrunning HTTP/1.1
+Host: example.org
+Content-Type: application/json
+Content-Length: 187
+
+{
+ "failedUrl" : "http://clientdomain.com/failed",
+ "successUrls" : [
+ "http://clientdomain.com/fast",
+ "http://clientdomain.com/medium",
+ "http://clientdomain.com/slow"
+ ]
+}
+
+201 Created
+Location: http://example.org/subscription/1
+eventType and a query parameter named queryUrl.
+
+
+
+
+
+
+Expression
+Value
+
+
+$url
+http://example.org/subscribe/myevent?queryUrl=http://clientdomain.com/stillrunning
+
+
+$method
+POST
+
+
+$request.path.eventType
+myevent
+
+
+$request.query.queryUrl
+http://clientdomain.com/stillrunning
+
+
+$request.header.content-Type
+application/json
+
+
+$request.body#/failedUrl
+http://clientdomain.com/stillrunning
+
+
+$request.body#/successUrls/2
+http://clientdomain.com/medium
+
+
+
+$response.header.Location
+http://example.org/subscription/1
+Callback Object Example
+id and email property in the request body.
+myWebhook:
+ 'http://notificationServer.com?transactionId={$request.body#/id}&email={$request.body#/email}':
+ post:
+ requestBody:
+ description: Callback payload
+ content:
+ 'application/json':
+ schema:
+ $ref: '#/components/schemas/SomePayload'
+ responses:
+ '200':
+ description: webhook successfully processed and no retries will be performed
+Example Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ summary
+stringShort description for the example.
+
+
+ description
+stringLong description for the example. CommonMark syntax MAY be used for rich text representation.
+
+
+ value
+Any
+Embedded literal example. The
+value field and externalValue field are mutually exclusive. To represent examples of media types that cannot naturally represented in JSON or YAML, use a string value to contain the example, escaping where necessary.
+
+
+ externalValue
+stringA URL that points to the literal example. This provides the capability to reference examples that cannot easily be included in JSON or YAML documents. The
+value field and externalValue field are mutually exclusive.Example Object Example
+
+# in a model
+schemas:
+ properties:
+ name:
+ type: string
+ examples:
+ name:
+ $ref: http://example.org/petapi-examples/openapi.json#/components/examples/name-example
+
+# in a request body:
+ requestBody:
+ content:
+ 'application/json':
+ schema:
+ $ref: '#/components/schemas/Address'
+ examples:
+ foo:
+ summary: A foo example
+ value: {"foo": "bar"}
+ bar:
+ summary: A bar example
+ value: {"bar": "baz"}
+ 'application/xml':
+ examples:
+ xmlExample:
+ summary: This is an example in XML
+ externalValue: 'http://example.org/examples/address-example.xml'
+ 'text/plain':
+ examples:
+ textExample:
+ summary: This is a text example
+ externalValue: 'http://foo.bar/examples/address-example.txt'
+
+
+# in a parameter
+ parameters:
+ - name: 'zipCode'
+ in: 'query'
+ schema:
+ type: 'string'
+ format: 'zip-code'
+ examples:
+ zip-example:
+ $ref: '#/components/examples/zip-example'
+
+# in a response
+ responses:
+ '200':
+ description: your car appointment has been booked
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SuccessResponse'
+ examples:
+ confirmation-success:
+ $ref: '#/components/examples/confirmation-success'
+Link Object
+Link object represents a possible design-time link for a response.
+The presence of a link does not guarantee the caller’s ability to successfully invoke it, rather it provides a known relationship and traversal mechanism between responses and other operations.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ operationRef
+stringA relative or absolute reference to an OAS operation. This field is mutually exclusive of the
+operationId field, and MUST point to an Operation Object. Relative operationRef values MAY be used to locate an existing Operation Object in the OpenAPI definition.
+
+ operationId
+stringThe name of an existing, resolvable OAS operation, as defined with a unique
+operationId. This field is mutually exclusive of the operationRef field.
+
+ parameters
+Map[
+string, Any | {expression}]A map representing parameters to pass to an operation as specified with
+operationId or identified via operationRef. The key is the parameter name to be used, whereas the value can be a constant or an expression to be evaluated and passed to the linked operation. The parameter name can be qualified using the parameter location [{in}.]{name} for operations that use the same parameter name in different locations (e.g. path.id).
+
+ requestBody
+Any | {expression}
+A literal value or {expression} to use as a request body when calling the target operation.
+
+
+ description
+stringA description of the link. CommonMark syntax MAY be used for rich text representation.
+
+
+
+ server
+Server Object
+A server object to be used by the target operation.
+operationRef or operationId.
+In the case of an operationId, it MUST be unique and resolved in the scope of the OAS document.
+Because of the potential for name clashes, the operationRef syntax is preferred
+for specifications with external references.Examples
+$request.path.id is used to pass a request parameter to the linked operation.
+paths:
+ /users/{id}:
+ parameters:
+ - name: id
+ in: path
+ required: true
+ description: the user identifier, as userId
+ schema:
+ type: string
+ get:
+ responses:
+ '200':
+ description: the user being returned
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ uuid: # the unique user id
+ type: string
+ format: uuid
+ links:
+ address:
+ # the target link operationId
+ operationId: getUserAddress
+ parameters:
+ # get the `id` field from the request path parameter named `id`
+ userId: $request.path.id
+ # the path item of the linked operation
+ /users/{userid}/address:
+ parameters:
+ - name: userid
+ in: path
+ required: true
+ description: the user identifier, as userId
+ schema:
+ type: string
+ # linked operation
+ get:
+ operationId: getUserAddress
+ responses:
+ '200':
+ description: the user's address
+
+links:
+ address:
+ operationId: getUserAddressByUUID
+ parameters:
+ # get the `id` field from the request path parameter named `id`
+ userUuid: $response.body#/uuid
+OperationRef Examples
+operationId MAY NOT be possible (the operationId is an optional
+value), references MAY also be made through a relative operationRef:
+links:
+ UserRepositories:
+ # returns array of '#/components/schemas/repository'
+ operationRef: '#/paths/~12.0~1repositories~1{username}/get'
+ parameters:
+ username: $response.body#/username
+operationRef:
+links:
+ UserRepositories:
+ # returns array of '#/components/schemas/repository'
+ operationRef: 'https://na2.gigantic-server.com/#/paths/~12.0~1repositories~1{username}/get'
+ parameters:
+ username: $response.body#/username
+operationRef, the escaped forward-slash is necessary when
+using JSON references.Runtime Expressions
+
+
+ expression = ( "$url" | "$method" | "$statusCode" | "$request." source | "$response." source )
+ source = ( header-reference | query-reference | path-reference | body-reference )
+ header-reference = "header." token
+ query-reference = "query." name
+ path-reference = "path." name
+ body-reference = "body" ["#" fragment]
+ fragment = a JSON Pointer [RFC 6901](https://tools.ietf.org/html/rfc6901)
+ name = *( char )
+ char = as per RFC [7159](https://tools.ietf.org/html/rfc7159#section-7)
+ token = as per RFC [7230](https://tools.ietf.org/html/rfc7230#section-3.2.6)
+name identifier is case-sensitive, whereas token is not.Examples
+
+
+
+
+
+
+
+Source Location
+example expression
+notes
+
+
+HTTP Method
+$methodThe allowable values for the
+$method will be those for the HTTP operation.
+
+Requested media type
+$request.header.accept
+
+
+Request parameter
+$request.path.idRequest parameters MUST be declared in the
+parameters section of the parent operation or they cannot be evaluated. This includes request headers.
+
+Request body property
+$request.body#/user/uuidIn operations which accept payloads, references may be made to portions of the
+requestBody or the entire body.
+
+Request URL
+$url
+
+
+Response value
+$response.body#/statusIn operations which return payloads, references may be made to portions of the response body or the entire body.
+
+
+
+Response header
+$response.header.ServerSingle header values only are available
+{} curly braces.Header Object
+
+
+name MUST NOT be specified, it is given in the corresponding headers map.in MUST NOT be specified, it is implicitly in header.header (for example, style).Header Object Example
+integer:
+{
+ "description": "The number of allowed requests in the current period",
+ "schema": {
+ "type": "integer"
+ }
+}
+
+description: The number of allowed requests in the current period
+schema:
+ type: integer
+Tag Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ name
+stringREQUIRED. The name of the tag.
+
+
+ description
+stringA short description for the tag. CommonMark syntax MAY be used for rich text representation.
+
+
+
+ externalDocs
+External Documentation Object
+Additional external documentation for this tag.
+Tag Object Example
+
+{
+ "name": "pet",
+ "description": "Pets operations"
+}
+
+name: pet
+description: Pets operations
+Examples Object
+example, a JSON Reference MAY be used, with the
+explicit restriction that examples having a JSON format with object named
+$ref are not allowed. Therefore, that example, structurally, can be
+either a string primitive or an object, similar to additionalProperties.
+# in a model
+schemas:
+ properties:
+ name:
+ type: string
+ example:
+ $ref: http://foo.bar#/examples/name-example
+
+# in a request body, note the plural `examples`
+ requestBody:
+ content:
+ 'application/json':
+ schema:
+ $ref: '#/components/schemas/Address'
+ examples:
+ foo:
+ value: {"foo": "bar"}
+ bar:
+ value: {"bar": "baz"}
+ 'application/xml':
+ examples:
+ xml:
+ externalValue: 'http://foo.bar/examples/address-example.xml'
+ 'text/plain':
+ examples:
+ text:
+ externalValue: 'http://foo.bar/examples/address-example.txt'
+
+# in a parameter
+ parameters:
+ - name: 'zipCode'
+ in: 'query'
+ schema:
+ type: 'string'
+ format: 'zip-code'
+ example:
+ $ref: 'http://foo.bar#/examples/zip-example'
+
+# in a response, note the singular `example`:
+ responses:
+ '200':
+ description: your car appointment has been booked
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SuccessResponse'
+ example:
+ $ref: http://foo.bar#/examples/address-example.json
+Reference Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+
+ $ref
+stringREQUIRED. The reference string.
+Reference Object Example
+
+{
+ "$ref": "#/components/schemas/Pet"
+}
+
+$ref: '#/components/schemas/Pet'
+Relative Schema Document Example
+
+{
+ "$ref": "Pet.json"
+}
+
+$ref: Pet.yaml
+Relative Documents With Embedded Schema Example
+
+{
+ "$ref": "definitions.json#/Pet"
+}
+
+$ref: definitions.yaml#/Pet
+Schema Object
+Properties
+
+
+
+
+items MUST be present if the type is array.type is string, then default can be "foo" but cannot be 1.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ nullable
+booleanAllows sending a
+null value for the defined schema. Default value is false.
+
+ discriminator
+Discriminator Object
+Adds support for polymorphism. The discriminator is an object name that is used to differentiate between other schemas which may satisfy the payload description. See Composition and Inheritance for more details.
+
+
+ readOnly
+booleanRelevant only for Schema
+"properties" definitions. Declares the property as “read only”. This means that it MAY be sent as part of a response but SHOULD NOT be sent as part of the request. If the property is marked as readOnly being true and is in the required list, the required will take effect on the response only. A property MUST NOT be marked as both readOnly and writeOnly being true. Default value is false.
+
+ writeOnly
+booleanRelevant only for Schema
+"properties" definitions. Declares the property as “write only”. Therefore, it MAY be sent as part of a request but SHOULD NOT be sent as part of the response. If the property is marked as writeOnly being true and is in the required list, the required will take effect on the request only. A property MUST NOT be marked as both readOnly and writeOnly being true. Default value is false.
+
+ xml
+XML Object
+This MAY be used only on properties schemas. It has no effect on root schemas. Adds additional metadata to describe the XML representation of this property.
+
+
+ externalDocs
+External Documentation Object
+Additional external documentation for this schema.
+
+
+ example
+Any
+A free-form property to include an example of an instance for this schema. To represent examples that cannot be naturally represented in JSON or YAML, a string value can be used to contain the example with escaping where necessary.
+
+
+
+ deprecated
+booleanSpecifies that a schema is deprecated and SHOULD be transitioned out of usage. Default value is
+false.Composition and Inheritance (Polymorphism)
+allOf property of JSON Schema, in effect offering model composition.
+allOf takes an array of object definitions that are validated independently but together compose a single object.discriminator field.
+When used, the discriminator will be the name of the property that decides which schema definition validates the structure of the model.
+As such, the discriminator field MUST be a required field.
+There are are two ways to define the value of a discriminator for an inheriting instance.
+
+XML Modeling
+Schema Object Examples
+Primitive Sample
+
+{
+ "type": "string",
+ "format": "email"
+}
+
+type: string
+format: email
+Simple Model
+
+{
+ "type": "object",
+ "required": [
+ "name"
+ ],
+ "properties": {
+ "name": {
+ "type": "string"
+ },
+ "address": {
+ "$ref": "#/components/schemas/Address"
+ },
+ "age": {
+ "type": "integer",
+ "format": "int32",
+ "minimum": 0
+ }
+ }
+}
+
+type: object
+required:
+- name
+properties:
+ name:
+ type: string
+ address:
+ $ref: '#/components/schemas/Address'
+ age:
+ type: integer
+ format: int32
+ minimum: 0
+Model with Map/Dictionary Properties
+
+{
+ "type": "object",
+ "additionalProperties": {
+ "type": "string"
+ }
+}
+
+type: object
+additionalProperties:
+ type: string
+
+{
+ "type": "object",
+ "additionalProperties": {
+ "$ref": "#/components/schemas/ComplexModel"
+ }
+}
+
+type: object
+additionalProperties:
+ $ref: '#/components/schemas/ComplexModel'
+Model with Example
+
+{
+ "type": "object",
+ "properties": {
+ "id": {
+ "type": "integer",
+ "format": "int64"
+ },
+ "name": {
+ "type": "string"
+ }
+ },
+ "required": [
+ "name"
+ ],
+ "example": {
+ "name": "Puma",
+ "id": 1
+ }
+}
+
+type: object
+properties:
+ id:
+ type: integer
+ format: int64
+ name:
+ type: string
+required:
+- name
+example:
+ name: Puma
+ id: 1
+Models with Composition
+
+{
+ "components": {
+ "schemas": {
+ "ErrorModel": {
+ "type": "object",
+ "required": [
+ "message",
+ "code"
+ ],
+ "properties": {
+ "message": {
+ "type": "string"
+ },
+ "code": {
+ "type": "integer",
+ "minimum": 100,
+ "maximum": 600
+ }
+ }
+ },
+ "ExtendedErrorModel": {
+ "allOf": [
+ {
+ "$ref": "#/components/schemas/ErrorModel"
+ },
+ {
+ "type": "object",
+ "required": [
+ "rootCause"
+ ],
+ "properties": {
+ "rootCause": {
+ "type": "string"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+}
+
+components:
+ schemas:
+ ErrorModel:
+ type: object
+ required:
+ - message
+ - code
+ properties:
+ message:
+ type: string
+ code:
+ type: integer
+ minimum: 100
+ maximum: 600
+ ExtendedErrorModel:
+ allOf:
+ - $ref: '#/components/schemas/ErrorModel'
+ - type: object
+ required:
+ - rootCause
+ properties:
+ rootCause:
+ type: string
+Models with Polymorphism Support
+
+{
+ "components": {
+ "schemas": {
+ "Pet": {
+ "type": "object",
+ "discriminator": {
+ "propertyName": "petType"
+ },
+ "properties": {
+ "name": {
+ "type": "string"
+ },
+ "petType": {
+ "type": "string"
+ }
+ },
+ "required": [
+ "name",
+ "petType"
+ ]
+ },
+ "Cat": {
+ "description": "A representation of a cat. Note that `Cat` will be used as the discriminator value.",
+ "allOf": [
+ {
+ "$ref": "#/components/schemas/Pet"
+ },
+ {
+ "type": "object",
+ "properties": {
+ "huntingSkill": {
+ "type": "string",
+ "description": "The measured skill for hunting",
+ "default": "lazy",
+ "enum": [
+ "clueless",
+ "lazy",
+ "adventurous",
+ "aggressive"
+ ]
+ }
+ },
+ "required": [
+ "huntingSkill"
+ ]
+ }
+ ]
+ },
+ "Dog": {
+ "description": "A representation of a dog. Note that `Dog` will be used as the discriminator value.",
+ "allOf": [
+ {
+ "$ref": "#/components/schemas/Pet"
+ },
+ {
+ "type": "object",
+ "properties": {
+ "packSize": {
+ "type": "integer",
+ "format": "int32",
+ "description": "the size of the pack the dog is from",
+ "default": 0,
+ "minimum": 0
+ }
+ },
+ "required": [
+ "packSize"
+ ]
+ }
+ ]
+ }
+ }
+ }
+}
+
+components:
+ schemas:
+ Pet:
+ type: object
+ discriminator:
+ propertyName: petType
+ properties:
+ name:
+ type: string
+ petType:
+ type: string
+ required:
+ - name
+ - petType
+ Cat: ## "Cat" will be used as the discriminator value
+ description: A representation of a cat
+ allOf:
+ - $ref: '#/components/schemas/Pet'
+ - type: object
+ properties:
+ huntingSkill:
+ type: string
+ description: The measured skill for hunting
+ enum:
+ - clueless
+ - lazy
+ - adventurous
+ - aggressive
+ required:
+ - huntingSkill
+ Dog: ## "Dog" will be used as the discriminator value
+ description: A representation of a dog
+ allOf:
+ - $ref: '#/components/schemas/Pet'
+ - type: object
+ properties:
+ packSize:
+ type: integer
+ format: int32
+ description: the size of the pack the dog is from
+ default: 0
+ minimum: 0
+ required:
+ - packSize
+Discriminator Object
+discriminator object can be used to aid in serialization, deserialization, and validation. The discriminator is a specific object in a schema which is used to inform the consumer of the specification of an alternative schema based on the value associated with it.Fixed Fields
+oneOf, anyOf, allOf.
+
+MyResponseType:
+ oneOf:
+ - $ref: '#/components/schemas/Cat'
+ - $ref: '#/components/schemas/Dog'
+ - $ref: '#/components/schemas/Lizard'
+Cat, Dog, or Lizard. In this case, a discriminator MAY act as a “hint” to shortcut validation and selection of the matching schema which may be a costly operation, depending on the complexity of the schema. We can then describe exactly which field tells us which schema to use:
+
+MyResponseType:
+ oneOf:
+ - $ref: '#/components/schemas/Cat'
+ - $ref: '#/components/schemas/Dog'
+ - $ref: '#/components/schemas/Lizard'
+ discriminator:
+ propertyName: pet_type
+pet_type MUST be present in the response payload, and the value will correspond to the name of a schema defined in the OAS document. Thus the response payload:
+
+{
+ "id": 12345,
+ "pet_type": "Cat"
+}
+Cat schema be used in conjunction with this payload.mapping definition MAY be used:
+
+MyResponseType:
+ oneOf:
+ - $ref: '#/components/schemas/Cat'
+ - $ref: '#/components/schemas/Dog'
+ - $ref: '#/components/schemas/Lizard'
+ - $ref: 'https://gigantic-server.com/schemas/Monster/schema.json'
+ discriminator:
+ propertyName: pet_type
+ mapping:
+ dog: '#/components/schemas/Dog'
+ monster: 'https://gigantic-server.com/schemas/Monster/schema.json'
+dog will map to the schema #/components/schemas/Dog, rather than the default (implicit) value of Dog. If the discriminator value does not match an implicit or explicit mapping, no schema can be determined and validation SHOULD fail. Mapping keys MUST be string values, but tooling MAY convert response values to strings for comparison.anyOf construct, the use of the discriminator can avoid ambiguity where multiple schemas may satisfy a single payload.oneOf and anyOf use cases, all possible schemas MUST be listed explicitly. To avoid redundancy, the discriminator MAY be added to a parent schema definition, and all schemas comprising the parent schema in an allOf construct may be used as an alternate schema.
+
+components:
+ schemas:
+ Pet:
+ type: object
+ required:
+ - pet_type
+ properties:
+ pet_type:
+ type: string
+ discriminator:
+ propertyName: pet_type
+ mapping:
+ cachorro: Dog
+ Cat:
+ allOf:
+ - $ref: '#/components/schemas/Pet'
+ - type: object
+ # all other properties specific to a `Cat`
+ properties:
+ name:
+ type: string
+ Dog:
+ allOf:
+ - $ref: '#/components/schemas/Pet'
+ - type: object
+ # all other properties specific to a `Dog`
+ properties:
+ bark:
+ type: string
+ Lizard:
+ allOf:
+ - $ref: '#/components/schemas/Pet'
+ - type: object
+ # all other properties specific to a `Lizard`
+ properties:
+ lovesRocks:
+ type: boolean
+
+
+{
+ "pet_type": "Cat",
+ "name": "misty"
+}
+Cat schema be used. Likewise this schema:
+
+{
+ "pet_type": "cachorro",
+ "bark": "soft"
+}
+Dog because of the definition in the mappings element.XML Object
+name property SHOULD be used to add that information.
+See examples for expected behavior.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ name
+stringReplaces the name of the element/attribute used for the described schema property. When defined within
+items, it will affect the name of the individual XML elements within the list. When defined alongside type being array (outside the items), it will affect the wrapping element and only if wrapped is true. If wrapped is false, it will be ignored.
+
+ namespace
+stringThe URI of the namespace definition. Value MUST be in the form of an absolute URI.
+
+
+ prefix
+stringThe prefix to be used for the name.
+
+
+ attribute
+booleanDeclares whether the property definition translates to an attribute instead of an element. Default value is
+false.
+
+
+ wrapped
+booleanMAY be used only for an array definition. Signifies whether the array is wrapped (for example,
+<books><book/><book/></books>) or unwrapped (<book/><book/>). Default value is false. The definition takes effect only when defined alongside type being array (outside the items).XML Object Examples
+No XML Element
+
+{
+ "animals": {
+ "type": "string"
+ }
+}
+
+animals:
+ type: string
+
+<animals>...</animals>
+wrapped is false by default):
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+
+<animals>...</animals>
+<animals>...</animals>
+<animals>...</animals>
+XML Name Replacement
+
+{
+ "animals": {
+ "type": "string",
+ "xml": {
+ "name": "animal"
+ }
+ }
+}
+
+animals:
+ type: string
+ xml:
+ name: animal
+
+<animal>...</animal>
+XML Attribute, Prefix and Namespace
+
+{
+ "Person": {
+ "type": "object",
+ "properties": {
+ "id": {
+ "type": "integer",
+ "format": "int32",
+ "xml": {
+ "attribute": true
+ }
+ },
+ "name": {
+ "type": "string",
+ "xml": {
+ "namespace": "http://example.com/schema/sample",
+ "prefix": "sample"
+ }
+ }
+ }
+ }
+}
+
+Person:
+ type: object
+ properties:
+ id:
+ type: integer
+ format: int32
+ xml:
+ attribute: true
+ name:
+ type: string
+ xml:
+ namespace: http://example.com/schema/sample
+ prefix: sample
+
+<Person id="123">
+ <sample:name xmlns:sample="http://example.com/schema/sample">example</sample:name>
+</Person>
+XML Arrays
+
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "xml": {
+ "name": "animal"
+ }
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ name: animal
+
+<animal>value</animal>
+<animal>value</animal>
+name property has no effect on the XML:
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "xml": {
+ "name": "animal"
+ }
+ },
+ "xml": {
+ "name": "aliens"
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ name: animal
+ xml:
+ name: aliens
+
+<animal>value</animal>
+<animal>value</animal>
+
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ },
+ "xml": {
+ "wrapped": true
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ wrapped: true
+
+<animals>
+ <animals>value</animals>
+ <animals>value</animals>
+</animals>
+
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "xml": {
+ "name": "animal"
+ }
+ },
+ "xml": {
+ "wrapped": true
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ name: animal
+ xml:
+ wrapped: true
+
+<animals>
+ <animal>value</animal>
+ <animal>value</animal>
+</animals>
+
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "xml": {
+ "name": "animal"
+ }
+ },
+ "xml": {
+ "name": "aliens",
+ "wrapped": true
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ name: animal
+ xml:
+ name: aliens
+ wrapped: true
+
+<aliens>
+ <animal>value</animal>
+ <animal>value</animal>
+</aliens>
+
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ },
+ "xml": {
+ "name": "aliens",
+ "wrapped": true
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ name: aliens
+ wrapped: true
+
+<aliens>
+ <aliens>value</aliens>
+ <aliens>value</aliens>
+</aliens>
+Security Scheme Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Applies To
+Description
+
+
+ type
+stringAny
+REQUIRED. The type of the security scheme. Valid values are
+"apiKey", "http", "oauth2", "openIdConnect".
+
+ description
+stringAny
+A short description for security scheme. CommonMark syntax MAY be used for rich text representation.
+
+
+ name
+stringapiKeyREQUIRED. The name of the header, query or cookie parameter to be used.
+
+
+ in
+stringapiKeyREQUIRED. The location of the API key. Valid values are
+"query", "header" or "cookie".
+
+ scheme
+stringhttpREQUIRED. The name of the HTTP Authorization scheme to be used in the Authorization header as defined in [[!RFC7235]].
+
+
+ bearerFormat
+stringhttp ("bearer")A hint to the client to identify how the bearer token is formatted. Bearer tokens are usually generated by an authorization server, so this information is primarily for documentation purposes.
+
+
+ flows
+OAuth Flows Object
+oauth2REQUIRED. An object containing configuration information for the flow types supported.
+
+
+
+ openIdConnectUrl
+stringopenIdConnectREQUIRED. OpenId Connect URL to discover OAuth2 configuration values. This MUST be in the form of a URL.
+Security Scheme Object Example
+Basic Authentication Sample
+
+{
+ "type": "http",
+ "scheme": "basic"
+}
+
+type: http
+scheme: basic
+API Key Sample
+
+{
+ "type": "apiKey",
+ "name": "api_key",
+ "in": "header"
+}
+
+type: apiKey
+name: api_key
+in: header
+JWT Bearer Sample
+
+{
+ "type": "http",
+ "scheme": "bearer",
+ "bearerFormat": "JWT",
+}
+
+type: http
+scheme: bearer
+bearerFormat: JWT
+Implicit OAuth2 Sample
+
+{
+ "type": "oauth2",
+ "flows": {
+ "implicit": {
+ "authorizationUrl": "https://example.com/api/oauth/dialog",
+ "scopes": {
+ "write:pets": "modify pets in your account",
+ "read:pets": "read your pets"
+ }
+ }
+ }
+}
+
+type: oauth2
+flows:
+ implicit:
+ authorizationUrl: https://example.com/api/oauth/dialog
+ scopes:
+ write:pets: modify pets in your account
+ read:pets: read your pets
+OAuth Flows Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ implicit
+OAuth Flow Object
+Configuration for the OAuth Implicit flow
+
+
+ password
+OAuth Flow Object
+Configuration for the OAuth Resource Owner Password flow
+
+
+ clientCredentials
+OAuth Flow Object
+Configuration for the OAuth Client Credentials flow. Previously called
+application in OpenAPI 2.0.
+
+
+ authorizationCode
+OAuth Flow Object
+Configuration for the OAuth Authorization Code flow. Previously called
+accessCode in OpenAPI 2.0.OAuth Flow Object
+Fixed Fields
+OAuth Flow Object Examples
+
+{
+ "type": "oauth2",
+ "flows": {
+ "implicit": {
+ "authorizationUrl": "https://example.com/api/oauth/dialog",
+ "scopes": {
+ "write:pets": "modify pets in your account",
+ "read:pets": "read your pets"
+ }
+ },
+ "authorizationCode": {
+ "authorizationUrl": "https://example.com/api/oauth/dialog",
+ "tokenUrl": "https://example.com/api/oauth/token",
+ "scopes": {
+ "write:pets": "modify pets in your account",
+ "read:pets": "read your pets"
+ }
+ }
+ }
+}
+
+type: oauth2
+flows:
+ implicit:
+ authorizationUrl: https://example.com/api/oauth/dialog
+ scopes:
+ write:pets: modify pets in your account
+ read:pets: read your pets
+ authorizationCode:
+ authorizationUrl: https://example.com/api/oauth/dialog
+ tokenUrl: https://example.com/api/oauth/token
+ scopes:
+ write:pets: modify pets in your account
+ read:pets: read your pets
+Security Requirement Object
+Patterned Fields
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ {name}
+[
+string]Each name MUST correspond to a security scheme which is declared in the Security Schemes under the Components Object. If the security scheme is of type
+"oauth2" or "openIdConnect", then the value is a list of scope names required for the execution. For other security scheme types, the array MUST be empty.Security Requirement Object Examples
+Non-OAuth2 Security Requirement
+
+{
+ "api_key": []
+}
+
+api_key: []
+OAuth2 Security Requirement
+
+{
+ "petstore_auth": [
+ "write:pets",
+ "read:pets"
+ ]
+}
+
+petstore_auth:
+- write:pets
+- read:pets
+Specification Extensions
+"x-".Security Filtering
+
+
+Appendix A: Revision History
+
+
+
+
diff --git a/docs/oas/v3.0.1.html b/docs/oas/v3.0.1.html
new file mode 100644
index 0000000000..a5349bbd20
--- /dev/null
+++ b/docs/oas/v3.0.1.html
@@ -0,0 +1,4039 @@
+
+
+
+
+Version
+Date
+Notes
+
+
+3.0.0
+2017-07-26
+Release of the OpenAPI Specification 3.0.0
+
+
+3.0.0-rc2
+2017-06-16
+rc2 of the 3.0 specification
+
+
+3.0.0-rc1
+2017-04-27
+rc1 of the 3.0 specification
+
+
+3.0.0-rc0
+2017-02-28
+Implementer’s Draft of the 3.0 specification
+
+
+2.0
+2015-12-31
+Donation of Swagger 2.0 to the Open API Initiative
+
+
+2.0
+2014-09-08
+Release of Swagger 2.0
+
+
+1.2
+2014-03-14
+Initial release of the formal document.
+
+
+1.1
+2012-08-22
+Release of Swagger 1.1
+
+
+
+1.0
+2011-08-10
+First release of the Swagger Specification
+OpenAPI Specification v3.0.1
Status of This Document
The source-of-truth for the specification is the GitHub markdown file referenced above.OpenAPI Specification
+Version 3.0.1
+Introduction
+Definitions
+OpenAPI Document
+Path Templating
+Media Types
+
+
+ text/plain; charset=utf-8
+ application/json
+ application/vnd.github+json
+ application/vnd.github.v3+json
+ application/vnd.github.v3.raw+json
+ application/vnd.github.v3.text+json
+ application/vnd.github.v3.html+json
+ application/vnd.github.v3.full+json
+ application/vnd.github.v3.diff
+ application/vnd.github.v3.patch
+HTTP Status Codes
+Specification
+Versions
+major.minor portion of the semver (for example 3.0) SHALL designate the OAS feature set. Typically, .patch versions address errors in this document, not the feature set. Tooling which supports OAS 3.0 SHOULD be compatible with all OAS 3.0.* versions. The patch version SHOULD NOT be considered by tooling, making no distinction between 3.0.0 and 3.0.1 for example.minor version number) SHOULD NOT interfere with tooling developed to a lower minor version and same major version. Thus a hypothetical 3.1.0 specification SHOULD be usable with tooling designed for 3.0.0.openapi field which designates the semantic version of the OAS that it uses. (OAS 2.0 documents contain a top-level version field named swagger and value "2.0".)Format
+
+{
+ "field": [ 1, 2, 3 ]
+}
+
+
+Document Structure
+$ref fields MUST be used in the specification to reference those parts as follows from the JSON Schema definitions.openapi.json or openapi.yaml.Data Types
+integer as a type is also supported and is defined as a JSON number without a fraction or exponent part.
+null is not supported as a type (see nullable for an alternative solution).
+Models are defined using the Schema Object, which is an extended subset of JSON Schema Specification Wright Draft 00.format.
+OAS uses several known formats to define in fine detail the data type being used.
+However, to support documentation needs, the format property is an open string-valued property, and can have any value.
+Formats such as "email", "uuid", and so on, MAY be used even though undefined by this specification.
+Types that are not accompanied by a format property follow the type definition in the JSON Schema. Tools that do not recognize a specific format MAY default back to the type alone, as if the format is not specified.
+
+
+
+
+
+
+Common Name
+typeformatComments
+
+
+integer
+integerint32signed 32 bits
+
+
+long
+integerint64signed 64 bits
+
+
+float
+numberfloat
+
+
+double
+numberdouble
+
+
+string
+string
+
+
+
+byte
+stringbytebase64 encoded characters
+
+
+binary
+stringbinaryany sequence of octets
+
+
+boolean
+boolean
+
+
+
+date
+stringdateAs defined by
+full-date - [!RFC3339]
+
+dateTime
+stringdate-timeAs defined by
+date-time - [!RFC3339]
+
+
+password
+stringpasswordA hint to UIs to obscure input.
+Rich Text Formatting
+description fields are noted as supporting CommonMark markdown formatting.
+Where OpenAPI tooling renders rich text it MUST support, at a minimum, markdown syntax as described by CommonMark 0.27. Tooling MAY choose to ignore some CommonMark features to address security concerns.Relative References in URLs
+Server Object as a Base URI.$ref are processed as per JSON Reference, using the URL of the current document as the base URI. See also the Reference Object.Schema
+OpenAPI Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ openapi
+stringREQUIRED. This string MUST be the semantic version number of the OpenAPI Specification version that the OpenAPI document uses. The
+openapi field SHOULD be used by tooling specifications and clients to interpret the OpenAPI document. This is not related to the API info.version string.
+
+ info
+Info Object
+REQUIRED. Provides metadata about the API. The metadata MAY be used by tooling as required.
+
+
+ servers
+[Server Object]
+An array of Server Objects, which provide connectivity information to a target server. If the
+servers property is not provided, or is an empty array, the default value would be a Server Object with a url value of /.
+
+ paths
+Paths Object
+REQUIRED. The available paths and operations for the API.
+
+
+ components
+Components Object
+An element to hold various schemas for the specification.
+
+
+ security
+[Security Requirement Object]
+A declaration of which security mechanisms can be used across the API. The list of values includes alternative security requirement objects that can be used. Only one of the security requirement objects need to be satisfied to authorize a request. Individual operations can override this definition.
+
+
+ tags
+[Tag Object]
+A list of tags used by the specification with additional metadata. The order of the tags can be used to reflect on their order by the parsing tools. Not all tags that are used by the Operation Object must be declared. The tags that are not declared MAY be organized randomly or based on the tools’ logic. Each tag name in the list MUST be unique.
+
+
+
+ externalDocs
+External Documentation Object
+Additional external documentation.
+Info Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ title
+stringREQUIRED. The title of the application.
+
+
+ description
+stringA short description of the application. CommonMark syntax MAY be used for rich text representation.
+
+
+ termsOfService
+stringA URL to the Terms of Service for the API. MUST be in the format of a URL.
+
+
+ contact
+Contact Object
+The contact information for the exposed API.
+
+
+ license
+License Object
+The license information for the exposed API.
+
+
+
+ version
+stringREQUIRED. The version of the OpenAPI document (which is distinct from the OpenAPI Specification version or the API implementation version).
+Info Object Example:
+
+{
+ "title": "Sample Pet Store App",
+ "description": "This is a sample server for a pet store.",
+ "termsOfService": "http://example.com/terms/",
+ "contact": {
+ "name": "API Support",
+ "url": "http://www.example.com/support",
+ "email": "support@example.com"
+ },
+ "license": {
+ "name": "Apache 2.0",
+ "url": "https://www.apache.org/licenses/LICENSE-2.0.html"
+ },
+ "version": "1.0.1"
+}
+
+title: Sample Pet Store App
+description: This is a sample server for a pet store.
+termsOfService: http://example.com/terms/
+contact:
+ name: API Support
+ url: http://www.example.com/support
+ email: support@example.com
+license:
+ name: Apache 2.0
+ url: https://www.apache.org/licenses/LICENSE-2.0.html
+version: 1.0.1
+Contact Object
+Fixed Fields
+Contact Object Example:
+
+{
+ "name": "API Support",
+ "url": "http://www.example.com/support",
+ "email": "support@example.com"
+}
+
+name: API Support
+url: http://www.example.com/support
+email: support@example.com
+License Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ name
+stringREQUIRED. The license name used for the API.
+
+
+
+ url
+stringA URL to the license used for the API. MUST be in the format of a URL.
+License Object Example:
+
+{
+ "name": "Apache 2.0",
+ "url": "https://www.apache.org/licenses/LICENSE-2.0.html"
+}
+
+name: Apache 2.0
+url: https://www.apache.org/licenses/LICENSE-2.0.html
+Server Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ url
+stringREQUIRED. A URL to the target host. This URL supports Server Variables and MAY be relative, to indicate that the host location is relative to the location where the OpenAPI document is being served. Variable substitutions will be made when a variable is named in
+{brackets}.
+
+ description
+stringAn optional string describing the host designated by the URL. CommonMark syntax MAY be used for rich text representation.
+
+
+
+ variables
+Map[
+string, Server Variable Object]A map between a variable name and its value. The value is used for substitution in the server’s URL template.
+Server Object Example
+
+{
+ "url": "https://development.gigantic-server.com/v1",
+ "description": "Development server"
+}
+
+url: https://development.gigantic-server.com/v1
+description: Development server
+servers:
+{
+ "servers": [
+ {
+ "url": "https://development.gigantic-server.com/v1",
+ "description": "Development server"
+ },
+ {
+ "url": "https://staging.gigantic-server.com/v1",
+ "description": "Staging server"
+ },
+ {
+ "url": "https://api.gigantic-server.com/v1",
+ "description": "Production server"
+ }
+ ]
+}
+
+servers:
+- url: https://development.gigantic-server.com/v1
+ description: Development server
+- url: https://staging.gigantic-server.com/v1
+ description: Staging server
+- url: https://api.gigantic-server.com/v1
+ description: Production server
+
+{
+ "servers": [
+ {
+ "url": "https://{username}.gigantic-server.com:{port}/{basePath}",
+ "description": "The production API server",
+ "variables": {
+ "username": {
+ "default": "demo",
+ "description": "this value is assigned by the service provider, in this example `gigantic-server.com`"
+ },
+ "port": {
+ "enum": [
+ "8443",
+ "443"
+ ],
+ "default": "8443"
+ },
+ "basePath": {
+ "default": "v2"
+ }
+ }
+ }
+ ]
+}
+
+servers:
+- url: https://{username}.gigantic-server.com:{port}/{basePath}
+ description: The production API server
+ variables:
+ username:
+ # note! no enum here means it is an open value
+ default: demo
+ description: this value is assigned by the service provider, in this example `gigantic-server.com`
+ port:
+ enum:
+ - '8443'
+ - '443'
+ default: '8443'
+ basePath:
+ # open meaning there is the opportunity to use special base paths as assigned by the provider, default is `v2`
+ default: v2
+Server Variable Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ enum
+[
+string]An enumeration of string values to be used if the substitution options are from a limited set.
+
+
+ default
+stringREQUIRED. The default value to use for substitution, and to send, if an alternate value is not supplied. Unlike the Schema Object’s
+default, this value MUST be provided by the consumer.
+
+
+ description
+stringAn optional description for the server variable. CommonMark syntax MAY be used for rich text representation.
+Components Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ schemas
+Map[
+string, Schema Object | Reference Object]An object to hold reusable Schema Objects.
+
+
+ responses
+Map[
+string, Response Object | Reference Object]An object to hold reusable Response Objects.
+
+
+ parameters
+Map[
+string, Parameter Object | Reference Object]An object to hold reusable Parameter Objects.
+
+
+ examples
+Map[
+string, Example Object | Reference Object]An object to hold reusable Example Objects.
+
+
+ requestBodies
+Map[
+string, Request Body Object | Reference Object]An object to hold reusable Request Body Objects.
+
+
+ headers
+Map[
+string, Header Object | Reference Object]An object to hold reusable Header Objects.
+
+
+ securitySchemes
+Map[
+string, Security Scheme Object | Reference Object]An object to hold reusable Security Scheme Objects.
+
+
+ links
+Map[
+string, Link Object | Reference Object]An object to hold reusable Link Objects.
+
+
+
+ callbacks
+Map[
+string, Callback Object | Reference Object]An object to hold reusable Callback Objects.
+^[a-zA-Z0-9\.\-_]+$.
+
+User
+User_1
+User_Name
+user-name
+my.org.User
+Components Object Example
+
+"components": {
+ "schemas": {
+ "Category": {
+ "type": "object",
+ "properties": {
+ "id": {
+ "type": "integer",
+ "format": "int64"
+ },
+ "name": {
+ "type": "string"
+ }
+ }
+ },
+ "Tag": {
+ "type": "object",
+ "properties": {
+ "id": {
+ "type": "integer",
+ "format": "int64"
+ },
+ "name": {
+ "type": "string"
+ }
+ }
+ }
+ },
+ "parameters": {
+ "skipParam": {
+ "name": "skip",
+ "in": "query",
+ "description": "number of items to skip",
+ "required": true,
+ "schema": {
+ "type": "integer",
+ "format": "int32"
+ }
+ },
+ "limitParam": {
+ "name": "limit",
+ "in": "query",
+ "description": "max records to return",
+ "required": true,
+ "schema" : {
+ "type": "integer",
+ "format": "int32"
+ }
+ }
+ },
+ "responses": {
+ "NotFound": {
+ "description": "Entity not found."
+ },
+ "IllegalInput": {
+ "description": "Illegal input for operation."
+ },
+ "GeneralError": {
+ "description": "General Error",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GeneralError"
+ }
+ }
+ }
+ }
+ },
+ "securitySchemes": {
+ "api_key": {
+ "type": "apiKey",
+ "name": "api_key",
+ "in": "header"
+ },
+ "petstore_auth": {
+ "type": "oauth2",
+ "flows": {
+ "implicit": {
+ "authorizationUrl": "http://example.org/api/oauth/dialog",
+ "scopes": {
+ "write:pets": "modify pets in your account",
+ "read:pets": "read your pets"
+ }
+ }
+ }
+ }
+ }
+}
+
+components:
+ schemas:
+ Category:
+ type: object
+ properties:
+ id:
+ type: integer
+ format: int64
+ name:
+ type: string
+ Tag:
+ type: object
+ properties:
+ id:
+ type: integer
+ format: int64
+ name:
+ type: string
+ parameters:
+ skipParam:
+ name: skip
+ in: query
+ description: number of items to skip
+ required: true
+ schema:
+ type: integer
+ format: int32
+ limitParam:
+ name: limit
+ in: query
+ description: max records to return
+ required: true
+ schema:
+ type: integer
+ format: int32
+ responses:
+ NotFound:
+ description: Entity not found.
+ IllegalInput:
+ description: Illegal input for operation.
+ GeneralError:
+ description: General Error
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GeneralError'
+ securitySchemes:
+ api_key:
+ type: apiKey
+ name: api_key
+ in: header
+ petstore_auth:
+ type: oauth2
+ flows:
+ implicit:
+ authorizationUrl: http://example.org/api/oauth/dialog
+ scopes:
+ write:pets: modify pets in your account
+ read:pets: read your pets
+Paths Object
+Server Object in order to construct the full URL. The Paths MAY be empty, due to ACL constraints.Patterned Fields
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ /{path}
+Path Item Object
+A relative path to an individual endpoint. The field name MUST begin with a slash. The path is appended (no relative URL resolution) to the expanded URL from the
+Server Object’s url field in order to construct the full URL. Path templating is allowed. When matching URLs, concrete (non-templated) paths would be matched before their templated counterparts. Templated paths with the same hierarchy but different templated names MUST NOT exist as they are identical. In case of ambiguous matching, it’s up to the tooling to decide which one to use.Path Templating Matching
+/pets/mine, will be matched first if used:
+
+ /pets/{petId}
+ /pets/mine
+
+
+ /pets/{petId}
+ /pets/{name}
+
+
+ /{entity}/me
+ /books/{id}
+Paths Object Example
+
+{
+ "/pets": {
+ "get": {
+ "description": "Returns all pets from the system that the user has access to",
+ "responses": {
+ "200": {
+ "description": "A list of pets.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/pet"
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+}
+
+/pets:
+ get:
+ description: Returns all pets from the system that the user has access to
+ responses:
+ '200':
+ description: A list of pets.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/pet'
+Path Item Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ $ref
+stringAllows for an external definition of this path item. The referenced structure MUST be in the format of a Path Item Object. If there are conflicts between the referenced definition and this Path Item’s definition, the behavior is undefined.
+
+
+ summary
+stringAn optional, string summary, intended to apply to all operations in this path.
+
+
+ description
+stringAn optional, string description, intended to apply to all operations in this path. CommonMark syntax MAY be used for rich text representation.
+
+
+ get
+Operation Object
+A definition of a GET operation on this path.
+
+
+ put
+Operation Object
+A definition of a PUT operation on this path.
+
+
+ post
+Operation Object
+A definition of a POST operation on this path.
+
+
+ delete
+Operation Object
+A definition of a DELETE operation on this path.
+
+
+ options
+Operation Object
+A definition of a OPTIONS operation on this path.
+
+
+ head
+Operation Object
+A definition of a HEAD operation on this path.
+
+
+ patch
+Operation Object
+A definition of a PATCH operation on this path.
+
+
+ trace
+Operation Object
+A definition of a TRACE operation on this path.
+
+
+ servers
+[Server Object]
+An alternative
+server array to service all operations in this path.
+
+
+ parameters
+[Parameter Object | Reference Object]
+A list of parameters that are applicable for all the operations described under this path. These parameters can be overridden at the operation level, but cannot be removed there. The list MUST NOT include duplicated parameters. A unique parameter is defined by a combination of a name and location. The list can use the Reference Object to link to parameters that are defined at the OpenAPI Object’s components/parameters.
+Path Item Object Example
+
+{
+ "get": {
+ "description": "Returns pets based on ID",
+ "summary": "Find pets by ID",
+ "operationId": "getPetsById",
+ "responses": {
+ "200": {
+ "description": "pet response",
+ "content": {
+ "*/*": {
+ "schema": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/Pet"
+ }
+ }
+ }
+ }
+ },
+ "default": {
+ "description": "error payload",
+ "content": {
+ "text/html": {
+ "schema": {
+ "$ref": "#/components/schemas/ErrorModel"
+ }
+ }
+ }
+ }
+ }
+ },
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of pet to use",
+ "required": true,
+ "schema": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "style": "simple"
+ }
+ ]
+}
+
+get:
+ description: Returns pets based on ID
+ summary: Find pets by ID
+ operationId: getPetsById
+ responses:
+ '200':
+ description: pet response
+ content:
+ '*/*' :
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/Pet'
+ default:
+ description: error payload
+ content:
+ 'text/html':
+ schema:
+ $ref: '#/components/schemas/ErrorModel'
+parameters:
+- name: id
+ in: path
+ description: ID of pet to use
+ required: true
+ schema:
+ type: array
+ style: simple
+ items:
+ type: string
+Operation Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ tags
+[
+string]A list of tags for API documentation control. Tags can be used for logical grouping of operations by resources or any other qualifier.
+
+
+ summary
+stringA short summary of what the operation does.
+
+
+ description
+stringA verbose explanation of the operation behavior. CommonMark syntax MAY be used for rich text representation.
+
+
+ externalDocs
+External Documentation Object
+Additional external documentation for this operation.
+
+
+ operationId
+stringUnique string used to identify the operation. The id MUST be unique among all operations described in the API. Tools and libraries MAY use the operationId to uniquely identify an operation, therefore, it is RECOMMENDED to follow common programming naming conventions.
+
+
+ parameters
+[Parameter Object | Reference Object]
+A list of parameters that are applicable for this operation. If a parameter is already defined at the Path Item, the new definition will override it but can never remove it. The list MUST NOT include duplicated parameters. A unique parameter is defined by a combination of a name and location. The list can use the Reference Object to link to parameters that are defined at the OpenAPI Object’s components/parameters.
+
+
+ requestBody
+Request Body Object | Reference Object
+The request body applicable for this operation. The
+requestBody is only supported in HTTP methods where the HTTP 1.1 specification [[!RFC7231]] has explicitly defined semantics for request bodies. In other cases where the HTTP spec is vague, requestBody SHALL be ignored by consumers.
+
+ responses
+Responses Object
+REQUIRED. The list of possible responses as they are returned from executing this operation.
+
+
+ callbacks
+Map[
+string, Callback Object | Reference Object]A map of possible out-of band callbacks related to the parent operation. The key is a unique identifier for the Callback Object. Each value in the map is a Callback Object that describes a request that may be initiated by the API provider and the expected responses. The key value used to identify the callback object is an expression, evaluated at runtime, that identifies a URL to use for the callback operation.
+
+
+ deprecated
+booleanDeclares this operation to be deprecated. Consumers SHOULD refrain from usage of the declared operation. Default value is
+false.
+
+ security
+[Security Requirement Object]
+A declaration of which security mechanisms can be used for this operation. The list of values includes alternative security requirement objects that can be used. Only one of the security requirement objects need to be satisfied to authorize a request. This definition overrides any declared top-level
+security. To remove a top-level security declaration, an empty array can be used.
+
+
+ servers
+[Server Object]
+An alternative
+server array to service this operation. If an alternative server object is specified at the Path Item Object or Root level, it will be overridden by this value.Operation Object Example
+
+{
+ "tags": [
+ "pet"
+ ],
+ "summary": "Updates a pet in the store with form data",
+ "operationId": "updatePetWithForm",
+ "parameters": [
+ {
+ "name": "petId",
+ "in": "path",
+ "description": "ID of pet that needs to be updated",
+ "required": true,
+ "schema": {
+ "type": "string"
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "type": "object",
+ "properties": {
+ "name": {
+ "description": "Updated name of the pet",
+ "type": "string"
+ },
+ "status": {
+ "description": "Updated status of the pet",
+ "type": "string"
+ }
+ },
+ "required": ["status"]
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Pet updated.",
+ "content": {
+ "application/json": {},
+ "application/xml": {}
+ }
+ },
+ "405": {
+ "description": "Invalid input",
+ "content": {
+ "application/json": {},
+ "application/xml": {}
+ }
+ }
+ },
+ "security": [
+ {
+ "petstore_auth": [
+ "write:pets",
+ "read:pets"
+ ]
+ }
+ ]
+}
+
+tags:
+- pet
+summary: Updates a pet in the store with form data
+operationId: updatePetWithForm
+parameters:
+- name: petId
+ in: path
+ description: ID of pet that needs to be updated
+ required: true
+ schema:
+ type: string
+requestBody:
+ content:
+ 'application/x-www-form-urlencoded':
+ schema:
+ properties:
+ name:
+ description: Updated name of the pet
+ type: string
+ status:
+ description: Updated status of the pet
+ type: string
+ required:
+ - status
+responses:
+ '200':
+ description: Pet updated.
+ content:
+ 'application/json': {}
+ 'application/xml': {}
+ '405':
+ description: Invalid input
+ content:
+ 'application/json': {}
+ 'application/xml': {}
+security:
+- petstore_auth:
+ - write:pets
+ - read:pets
+External Documentation Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ description
+stringA short description of the target documentation. CommonMark syntax MAY be used for rich text representation.
+
+
+
+ url
+stringREQUIRED. The URL for the target documentation. Value MUST be in the format of a URL.
+External Documentation Object Example
+
+{
+ "description": "Find more info here",
+ "url": "https://example.com"
+}
+
+description: Find more info here
+url: https://example.com
+Parameter Object
+Parameter Locations
+in field:
+
+/items/{itemId}, the path parameter is itemId./items?id=###, the query parameter is id.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ name
+stringREQUIRED. The name of the parameter. Parameter names are case sensitive.
+in is "path", the name field MUST correspond to the associated path segment from the path field in the Paths Object. See Path Templating for further information.in is "header" and the name field is "Accept", "Content-Type" or "Authorization", the parameter definition SHALL be ignored.name corresponds to the parameter name used by the in property.
+
+ in
+stringREQUIRED. The location of the parameter. Possible values are “query”, “header”, “path” or “cookie”.
+
+
+ description
+stringA brief description of the parameter. This could contain examples of use. CommonMark syntax MAY be used for rich text representation.
+
+
+ required
+booleanDetermines whether this parameter is mandatory. If the parameter location is “path”, this property is REQUIRED and its value MUST be
+true. Otherwise, the property MAY be included and its default value is false.
+
+ deprecated
+booleanSpecifies that a parameter is deprecated and SHOULD be transitioned out of usage.
+
+
+
+ allowEmptyValue
+booleanSets the ability to pass empty-valued parameters. This is valid only for
+query parameters and allows sending a parameter with an empty value. Default value is false. If style is used, and if behavior is n/a (cannot be serialized), the value of allowEmptyValue SHALL be ignored.schema and style can describe the structure and syntax of the parameter.
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ style
+stringDescribes how the parameter value will be serialized depending on the type of the parameter value. Default values (based on value of
+in): for query - form; for path - simple; for header - simple; for cookie - form.
+
+ explode
+booleanWhen this is true, parameter values of type
+array or object generate separate parameters for each value of the array or key-value pair of the map. For other types of parameters this property has no effect. When style is form, the default value is true. For all other styles, the default value is false.
+
+ allowReserved
+booleanDetermines whether the parameter value SHOULD allow reserved characters, as defined by [[!RFC3986]]
+:/?#[]@!$&'()*+,;= to be included without percent-encoding. This property only applies to parameters with an in value of query. The default value is false.
+
+ schema
+Schema Object | Reference Object
+The schema defining the type used for the parameter.
+
+
+ example
+Any
+Example of the media type. The example SHOULD match the specified schema and encoding properties if present. The
+example field is mutually exclusive of the examples field. Furthermore, if referencing a schema which contains an example, the example value SHALL override the example provided by the schema. To represent examples of media types that cannot naturally be represented in JSON or YAML, a string value can contain the example with escaping where necessary.
+
+
+ examples
+Map[
+string, Example Object | Reference Object]Examples of the media type. Each example SHOULD contain a value in the correct format as specified in the parameter encoding. The
+examples field is mutually exclusive of the example field. Furthermore, if referencing a schema which contains an example, the examples value SHALL override the example provided by the schema.content property can define the media type and schema of the parameter.
+A parameter MUST contain either a schema property, or a content property, but not both.
+When example or examples are provided in conjunction with the schema object, the example MUST follow the prescribed serialization strategy for the parameter.
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+
+ content
+Map[
+string, Media Type Object]A map containing the representations for the parameter. The key is the media type and the value describes it. The map MUST only contain one entry.
+Style Values
+style values are defined.
+
+
+
+
+
+
+styletypeinComments
+
+
+matrix
+primitive, array, objectpathPath-style parameters defined by [[!RFC6570]]
+
+
+label
+primitive, array, objectpathLabel style parameters defined by [[!RFC6570]]
+
+
+form
+primitive, array, objectquery, cookieForm style parameters defined by [[!RFC6570]]. This option replaces
+collectionFormat with a csv (when explode is false) or multi (when explode is true) value from OpenAPI 2.0.
+
+simple
+arraypath, headerSimple style parameters defined by [[!RFC6570]]. This option replaces
+collectionFormat with a csv value from OpenAPI 2.0.
+
+spaceDelimited
+arrayquerySpace separated array values. This option replaces
+collectionFormat equal to ssv from OpenAPI 2.0.
+
+pipeDelimited
+arrayqueryPipe separated array values. This option replaces
+collectionFormat equal to pipes from OpenAPI 2.0.
+
+
+deepObject
+objectqueryProvides a simple way of rendering nested objects using form parameters.
+Style Examples
+color has one of the following values:
+
+ string -> "blue"
+ array -> ["blue","black","brown"]
+ object -> { "R": 100, "G": 200, "B": 150 }
+
+
+
+
+
+
+
+styleexplodeemptystringarrayobject
+
+matrix
+false
+;color
+;color=blue
+;color=blue,black,brown
+;color=R,100,G,200,B,150
+
+
+matrix
+true
+;color
+;color=blue
+;color=blue;color=black;color=brown
+;R=100;G=200;B=150
+
+
+label
+false
+.
+.blue
+.blue.black.brown
+.R.100.G.200.B.150
+
+
+label
+true
+.
+.blue
+.blue.black.brown
+.R=100.G=200.B=150
+
+
+form
+false
+color=
+color=blue
+color=blue,black,brown
+color=R,100,G,200,B,150
+
+
+form
+true
+color=
+color=blue
+color=blue&color=black&color=brown
+R=100&G=200&B=150
+
+
+simple
+false
+n/a
+blue
+blue,black,brown
+R,100,G,200,B,150
+
+
+simple
+true
+n/a
+blue
+blue,black,brown
+R=100,G=200,B=150
+
+
+spaceDelimited
+false
+n/a
+n/a
+blue%20black%20brown
+R%20100%20G%20200%20B%20150
+
+
+pipeDelimited
+false
+n/a
+n/a
+blue|black|brown
+R|100|G|200
+
+
+
+deepObject
+true
+n/a
+n/a
+n/a
+color[R]=100&color[G]=200&color[B]=150
+Parameter Object Examples
+
+{
+ "name": "token",
+ "in": "header",
+ "description": "token to be passed as a header",
+ "required": true,
+ "schema": {
+ "type": "array",
+ "items": {
+ "type": "integer",
+ "format": "int64"
+ }
+ },
+ "style": "simple"
+}
+
+name: token
+in: header
+description: token to be passed as a header
+required: true
+schema:
+ type: array
+ items:
+ type: integer
+ format: int64
+style: simple
+
+{
+ "name": "username",
+ "in": "path",
+ "description": "username to fetch",
+ "required": true,
+ "schema": {
+ "type": "string"
+ }
+}
+
+name: username
+in: path
+description: username to fetch
+required: true
+schema:
+ type: string
+
+{
+ "name": "id",
+ "in": "query",
+ "description": "ID of the object to fetch",
+ "required": false,
+ "schema": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "style": "form",
+ "explode": true
+}
+
+name: id
+in: query
+description: ID of the object to fetch
+required: false
+schema:
+ type: array
+ items:
+ type: string
+style: form
+explode: true
+
+{
+ "in": "query",
+ "name": "freeForm",
+ "schema": {
+ "type": "object",
+ "additionalProperties": {
+ "type": "integer"
+ },
+ },
+ "style": "form"
+}
+
+in: query
+name: freeForm
+schema:
+ type: object
+ additionalProperties:
+ type: integer
+style: form
+content to define serialization:
+{
+ "in": "query",
+ "name": "coordinates",
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "object",
+ "required": [
+ "lat",
+ "long"
+ ],
+ "properties": {
+ "lat": {
+ "type": "number"
+ },
+ "long": {
+ "type": "number"
+ }
+ }
+ }
+ }
+ }
+}
+
+in: query
+name: coordinates
+content:
+ application/json:
+ schema:
+ type: object
+ required:
+ - lat
+ - long
+ properties:
+ lat:
+ type: number
+ long:
+ type: number
+Request Body Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ description
+stringA brief description of the request body. This could contain examples of use. CommonMark syntax MAY be used for rich text representation.
+
+
+ content
+Map[
+string, Media Type Object]REQUIRED. The content of the request body. The key is a media type or media type range and the value describes it. For requests that match multiple keys, only the most specific key is applicable. e.g. text/plain overrides text/*
+
+
+
+ required
+booleanDetermines if the request body is required in the request. Defaults to
+false.Request Body Examples
+
+{
+ "description": "user to add to the system",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/User"
+ },
+ "examples": {
+ "user" : {
+ "summary": "User Example",
+ "externalValue": "http://foo.bar/examples/user-example.json"
+ }
+ }
+ },
+ "application/xml": {
+ "schema": {
+ "$ref": "#/components/schemas/User"
+ },
+ "examples": {
+ "user" : {
+ "summary": "User example in XML",
+ "externalValue": "http://foo.bar/examples/user-example.xml"
+ }
+ }
+ },
+ "text/plain": {
+ "examples": {
+ "user" : {
+ "summary": "User example in Plain text",
+ "externalValue": "http://foo.bar/examples/user-example.txt"
+ }
+ }
+ },
+ "*/*": {
+ "examples": {
+ "user" : {
+ "summary": "User example in other format",
+ "externalValue": "http://foo.bar/examples/user-example.whatever"
+ }
+ }
+ }
+ }
+}
+
+description: user to add to the system
+content:
+ 'application/json':
+ schema:
+ $ref: '#/components/schemas/User'
+ examples:
+ user:
+ summary: User Example
+ externalValue: 'http://foo.bar/examples/user-example.json'
+ 'application/xml':
+ schema:
+ $ref: '#/components/schemas/User'
+ examples:
+ user:
+ summary: User Example in XML
+ externalValue: 'http://foo.bar/examples/user-example.xml'
+ 'text/plain':
+ examples:
+ user:
+ summary: User example in text plain format
+ externalValue: 'http://foo.bar/examples/user-example.txt'
+ '*/*':
+ examples:
+ user:
+ summary: User example in other format
+ externalValue: 'http://foo.bar/examples/user-example.whatever'
+
+{
+ "description": "user to add to the system",
+ "content": {
+ "text/plain": {
+ "schema": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ }
+ }
+ }
+}
+
+description: user to add to the system
+required: true
+content:
+ text/plain:
+ schema:
+ type: array
+ items:
+ type: string
+Media Type Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ schema
+Schema Object | Reference Object
+The schema defining the type used for the request body.
+
+
+ example
+Any
+Example of the media type. The example object SHOULD be in the correct format as specified by the media type. The
+example field is mutually exclusive of the examples field. Furthermore, if referencing a schema which contains an example, the example value SHALL override the example provided by the schema.
+
+ examples
+Map[
+string, Example Object | Reference Object]Examples of the media type. Each example object SHOULD match the media type and specified schema if present. The
+examples field is mutually exclusive of the example field. Furthermore, if referencing a schema which contains an example, the examples value SHALL override the example provided by the schema.
+
+
+ encoding
+Map[
+string, Encoding Object]A map between a property name and its encoding information. The key, being the property name, MUST exist in the schema as a property. The encoding object SHALL only apply to
+requestBody objects when the media type is multipart or application/x-www-form-urlencoded.Media Type Examples
+
+{
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/Pet"
+ },
+ "examples": {
+ "cat" : {
+ "summary": "An example of a cat",
+ "value":
+ {
+ "name": "Fluffy",
+ "petType": "Cat",
+ "color": "White",
+ "gender": "male",
+ "breed": "Persian"
+ }
+ },
+ "dog": {
+ "summary": "An example of a dog with a cat's name",
+ "value" : {
+ "name": "Puma",
+ "petType": "Dog",
+ "color": "Black",
+ "gender": "Female",
+ "breed": "Mixed"
+ },
+ "frog": {
+ "$ref": "#/components/examples/frog-example"
+ }
+ }
+ }
+ }
+}
+
+application/json:
+ schema:
+ $ref: "#/components/schemas/Pet"
+ examples:
+ cat:
+ summary: An example of a cat
+ value:
+ name: Fluffy
+ petType: Cat
+ color: White
+ gender: male
+ breed: Persian
+ dog:
+ summary: An example of a dog with a cat's name
+ value:
+ name: Puma
+ petType: Dog
+ color: Black
+ gender: Female
+ breed: Mixed
+ frog:
+ $ref: "#/components/examples/frog-example"
+Considerations for File Uploads
+file input/output content in OpenAPI is described with the same semantics as any other schema type. Specifically:
+# content transferred with base64 encoding
+schema:
+ type: string
+ format: base64
+
+# content transferred in binary (octet-stream):
+schema:
+ type: string
+ format: binary
+requestBody for submitting a file in a POST operation may look like the following example:
+requestBody:
+ content:
+ application/octet-stream:
+ # any media type is accepted, functionally equivalent to `*/*`
+ schema:
+ # a binary file of any type
+ type: string
+ format: binary
+
+# multiple, specific media types may be specified:
+requestBody:
+ content:
+ # a binary file of type png or jpeg
+ 'image/jpeg':
+ schema:
+ type: string
+ format: binary
+ 'image/png':
+ schema:
+ type: string
+ format: binary
+multipart media type MUST be used:
+requestBody:
+ content:
+ multipart/form-data:
+ schema:
+ properties:
+ # The property name 'file' will be used for all files.
+ file:
+ type: array
+ items:
+ type: string
+ format: binary
+
+Support for x-www-form-urlencoded Request Bodies
+
+requestBody:
+ content:
+ application/x-www-form-urlencoded:
+ schema:
+ type: object
+ properties:
+ id:
+ type: string
+ format: uuid
+ address:
+ # complex types are stringified to support RFC 1866
+ type: object
+ properties: {}
+requestBody MUST be stringified per [[!RFC1866]] when passed to the server. In addition, the address field complex object will be stringified.application/x-www-form-urlencoded content type, the default serialization strategy of such properties is described in the Encoding Object’s style property as form.Special Considerations for
+multipart Contentmultipart/form-data as a Content-Type when transferring request bodies to operations. In contrast to 2.0, a schema is REQUIRED to define the input parameters to the operation when using multipart content. This supports complex structures as well as supporting mechanisms for multiple file uploads.multipart types, boundaries MAY be used to separate sections of the content being transferred — thus, the following default Content-Types are defined for multipart:
+
+text/plainapplication/jsontype: string with format: binary or format: base64 (aka a file object), the default Content-Type is application/octet-stream
+requestBody:
+ content:
+ multipart/form-data:
+ schema:
+ type: object
+ properties:
+ id:
+ type: string
+ format: uuid
+ address:
+ # default Content-Type for objects is `application/json`
+ type: object
+ properties: {}
+ profileImage:
+ # default Content-Type for string/binary is `application/octet-stream`
+ type: string
+ format: binary
+ children:
+ # default Content-Type for arrays is based on the `inner` type (text/plain here)
+ type: array
+ items:
+ type: string
+ addresses:
+ # default Content-Type for arrays is based on the `inner` type (object shown, so `application/json` in this example)
+ type: array
+ items:
+ type: '#/components/schemas/Address'
+encoding attribute is introduced to give you control over the serialization of parts of multipart request bodies. This attribute is only applicable to multipart and application/x-www-form-urlencoded request bodies.Encoding Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ contentType
+stringThe Content-Type for encoding a specific property. Default value depends on the property type: for
+string with format being binary – application/octet-stream; for other primitive types – text/plain; for object - application/json; for array – the default is defined based on the inner type. The value can be a specific media type (e.g. application/json), a wildcard media type (e.g. image/*), or a comma-separated list of the two types.
+
+ headers
+Map[
+string, Header Object | Reference Object]A map allowing additional information to be provided as headers, for example
+Content-Disposition. Content-Type is described separately and SHALL be ignored in this section. This property SHALL be ignored if the request body media type is not a multipart.
+
+ style
+stringDescribes how a specific property value will be serialized depending on its type. See Parameter Object for details on the
+style property. The behavior follows the same values as query parameters, including default values. This property SHALL be ignored if the request body media type is not application/x-www-form-urlencoded.
+
+ explode
+booleanWhen this is true, property values of type
+array or object generate separate parameters for each value of the array, or key-value-pair of the map. For other types of properties this property has no effect. When style is form, the default value is true. For all other styles, the default value is false. This property SHALL be ignored if the request body media type is not application/x-www-form-urlencoded.
+
+
+ allowReserved
+booleanDetermines whether the parameter value SHOULD allow reserved characters, as defined by [[!RFC3986]]
+:/?#[]@!$&'()*+,;= to be included without percent-encoding. The default value is false. This property SHALL be ignored if the request body media type is not application/x-www-form-urlencoded.Encoding Object Example
+
+requestBody:
+ content:
+ multipart/mixed:
+ schema:
+ type: object
+ properties:
+ id:
+ # default is text/plain
+ type: string
+ format: uuid
+ address:
+ # default is application/json
+ type: object
+ properties: {}
+ historyMetadata:
+ # need to declare XML format!
+ description: metadata in XML format
+ type: object
+ properties: {}
+ profileImage:
+ # default is application/octet-stream, need to declare an image type only!
+ type: string
+ format: binary
+ encoding:
+ historyMetadata:
+ # require XML Content-Type in utf-8 encoding
+ contentType: application/xml; charset=utf-8
+ profileImage:
+ # only accept png/jpeg
+ contentType: image/png, image/jpeg
+ headers:
+ X-Rate-Limit-Limit:
+ description: The number of allowed requests in the current period
+ schema:
+ type: integer
+Responses Object
+default MAY be used as a default response object for all HTTP codes
+that are not covered individually by the specification.Responses Object MUST contain at least one response code, and it
+SHOULD be the response for a successful operation call.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+
+ default
+Response Object | Reference Object
+The documentation of responses other than the ones declared for specific HTTP response codes. Use this field to cover undeclared responses. A Reference Object can link to a response that the OpenAPI Object’s components/responses section defines.
+Patterned Fields
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ HTTP Status Code
+Response Object | Reference Object
+Any HTTP status code can be used as the property name, but only one property per code, to describe the expected response for that HTTP status code. A Reference Object can link to a response that is defined in the OpenAPI Object’s components/responses section. This field MUST be enclosed in quotation marks (for example, “200”) for compatibility between JSON and YAML. To define a range of response codes, this field MAY contain the uppercase wildcard character
+X. For example, 2XX represents all response codes between [200-299]. The following range definitions are allowed: 1XX, 2XX, 3XX, 4XX, and 5XX. If a response range is defined using an explicit code, the explicit code definition takes precedence over the range definition for that code.Responses Object Example
+
+{
+ "200": {
+ "description": "a pet to be returned",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/Pet"
+ }
+ }
+ }
+ },
+ "default": {
+ "description": "Unexpected error",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ErrorModel"
+ }
+ }
+ }
+ }
+}
+
+'200':
+ description: a pet to be returned
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Pet'
+default:
+ description: Unexpected error
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ErrorModel'
+Response Object
+links to operations based on the response.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ description
+stringREQUIRED. A short description of the response. CommonMark syntax MAY be used for rich text representation.
+
+
+ headers
+Map[
+string, Header Object | Reference Object]Maps a header name to its definition. [[!RFC7230]] states header names are case insensitive. If a response header is defined with the name
+"Content-Type", it SHALL be ignored.
+
+ content
+Map[
+string, Media Type Object]A map containing descriptions of potential response payloads. The key is a media type or media type range and the value describes it. For responses that match multiple keys, only the most specific key is applicable. e.g. text/plain overrides text/*
+
+
+
+ links
+Map[
+string, Link Object | Reference Object]A map of operations links that can be followed from the response. The key of the map is a short name for the link, following the naming constraints of the names for Component Objects.
+Response Object Examples
+
+{
+ "description": "A complex object array response",
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/VeryComplexType"
+ }
+ }
+ }
+ }
+}
+
+description: A complex object array response
+content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/VeryComplexType'
+
+{
+ "description": "A simple string response",
+ "content": {
+ "text/plain": {
+ "schema": {
+ "type": "string"
+ }
+ }
+ }
+
+}
+
+description: A simple string response
+content:
+ text/plain:
+ schema:
+ type: string
+
+{
+ "description": "A simple string response",
+ "content": {
+ "text/plain": {
+ "schema": {
+ "type": "string"
+ }
+ }
+ },
+ "headers": {
+ "X-Rate-Limit-Limit": {
+ "description": "The number of allowed requests in the current period",
+ "schema": {
+ "type": "integer"
+ }
+ },
+ "X-Rate-Limit-Remaining": {
+ "description": "The number of remaining requests in the current period",
+ "schema": {
+ "type": "integer"
+ }
+ },
+ "X-Rate-Limit-Reset": {
+ "description": "The number of seconds left in the current period",
+ "schema": {
+ "type": "integer"
+ }
+ }
+ }
+}
+
+description: A simple string response
+content:
+ text/plain:
+ schema:
+ type: string
+ example: 'whoa!'
+headers:
+ X-Rate-Limit-Limit:
+ description: The number of allowed requests in the current period
+ schema:
+ type: integer
+ X-Rate-Limit-Remaining:
+ description: The number of remaining requests in the current period
+ schema:
+ type: integer
+ X-Rate-Limit-Reset:
+ description: The number of seconds left in the current period
+ schema:
+ type: integer
+
+{
+ "description": "object created"
+}
+
+description: object created
+Callback Object
+Patterned Fields
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ {expression}
+Path Item Object
+A Path Item Object used to define a callback request and expected responses. A complete example is available.
+Key Expression
+$request.body#/url.
+However, using a runtime expression the complete HTTP message can be accessed.
+This includes accessing any part of a body that a JSON Pointer [[!RFC6901]] can reference.
+POST /subscribe/myevent?queryUrl=http://clientdomain.com/stillrunning HTTP/1.1
+Host: example.org
+Content-Type: application/json
+Content-Length: 187
+
+{
+ "failedUrl" : "http://clientdomain.com/failed",
+ "successUrls" : [
+ "http://clientdomain.com/fast",
+ "http://clientdomain.com/medium",
+ "http://clientdomain.com/slow"
+ ]
+}
+
+201 Created
+Location: http://example.org/subscription/1
+eventType and a query parameter named queryUrl.
+
+
+
+
+
+
+Expression
+Value
+
+
+$url
+http://example.org/subscribe/myevent?queryUrl=http://clientdomain.com/stillrunning
+
+
+$method
+POST
+
+
+$request.path.eventType
+myevent
+
+
+$request.query.queryUrl
+http://clientdomain.com/stillrunning
+
+
+$request.header.content-Type
+application/json
+
+
+$request.body#/failedUrl
+http://clientdomain.com/stillrunning
+
+
+$request.body#/successUrls/2
+http://clientdomain.com/medium
+
+
+
+$response.header.Location
+http://example.org/subscription/1
+Callback Object Example
+id and email property in the request body.
+myWebhook:
+ 'http://notificationServer.com?transactionId={$request.body#/id}&email={$request.body#/email}':
+ post:
+ requestBody:
+ description: Callback payload
+ content:
+ 'application/json':
+ schema:
+ $ref: '#/components/schemas/SomePayload'
+ responses:
+ '200':
+ description: webhook successfully processed and no retries will be performed
+Example Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ summary
+stringShort description for the example.
+
+
+ description
+stringLong description for the example. CommonMark syntax MAY be used for rich text representation.
+
+
+ value
+Any
+Embedded literal example. The
+value field and externalValue field are mutually exclusive. To represent examples of media types that cannot naturally represented in JSON or YAML, use a string value to contain the example, escaping where necessary.
+
+
+ externalValue
+stringA URL that points to the literal example. This provides the capability to reference examples that cannot easily be included in JSON or YAML documents. The
+value field and externalValue field are mutually exclusive.Example Object Example
+
+# in a model
+schemas:
+ properties:
+ name:
+ type: string
+ examples:
+ name:
+ $ref: http://example.org/petapi-examples/openapi.json#/components/examples/name-example
+
+# in a request body:
+ requestBody:
+ content:
+ 'application/json':
+ schema:
+ $ref: '#/components/schemas/Address'
+ examples:
+ foo:
+ summary: A foo example
+ value: {"foo": "bar"}
+ bar:
+ summary: A bar example
+ value: {"bar": "baz"}
+ 'application/xml':
+ examples:
+ xmlExample:
+ summary: This is an example in XML
+ externalValue: 'http://example.org/examples/address-example.xml'
+ 'text/plain':
+ examples:
+ textExample:
+ summary: This is a text example
+ externalValue: 'http://foo.bar/examples/address-example.txt'
+
+
+# in a parameter
+ parameters:
+ - name: 'zipCode'
+ in: 'query'
+ schema:
+ type: 'string'
+ format: 'zip-code'
+ examples:
+ zip-example:
+ $ref: '#/components/examples/zip-example'
+
+# in a response
+ responses:
+ '200':
+ description: your car appointment has been booked
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SuccessResponse'
+ examples:
+ confirmation-success:
+ $ref: '#/components/examples/confirmation-success'
+Link Object
+Link object represents a possible design-time link for a response.
+The presence of a link does not guarantee the caller’s ability to successfully invoke it, rather it provides a known relationship and traversal mechanism between responses and other operations.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ operationRef
+stringA relative or absolute reference to an OAS operation. This field is mutually exclusive of the
+operationId field, and MUST point to an Operation Object. Relative operationRef values MAY be used to locate an existing Operation Object in the OpenAPI definition.
+
+ operationId
+stringThe name of an existing, resolvable OAS operation, as defined with a unique
+operationId. This field is mutually exclusive of the operationRef field.
+
+ parameters
+Map[
+string, Any | {expression}]A map representing parameters to pass to an operation as specified with
+operationId or identified via operationRef. The key is the parameter name to be used, whereas the value can be a constant or an expression to be evaluated and passed to the linked operation. The parameter name can be qualified using the parameter location [{in}.]{name} for operations that use the same parameter name in different locations (e.g. path.id).
+
+ requestBody
+Any | {expression}
+A literal value or {expression} to use as a request body when calling the target operation.
+
+
+ description
+stringA description of the link. CommonMark syntax MAY be used for rich text representation.
+
+
+
+ server
+Server Object
+A server object to be used by the target operation.
+operationRef or operationId.
+In the case of an operationId, it MUST be unique and resolved in the scope of the OAS document.
+Because of the potential for name clashes, the operationRef syntax is preferred
+for specifications with external references.Examples
+$request.path.id is used to pass a request parameter to the linked operation.
+paths:
+ /users/{id}:
+ parameters:
+ - name: id
+ in: path
+ required: true
+ description: the user identifier, as userId
+ schema:
+ type: string
+ get:
+ responses:
+ '200':
+ description: the user being returned
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ uuid: # the unique user id
+ type: string
+ format: uuid
+ links:
+ address:
+ # the target link operationId
+ operationId: getUserAddress
+ parameters:
+ # get the `id` field from the request path parameter named `id`
+ userId: $request.path.id
+ # the path item of the linked operation
+ /users/{userid}/address:
+ parameters:
+ - name: userid
+ in: path
+ required: true
+ description: the user identifier, as userId
+ schema:
+ type: string
+ # linked operation
+ get:
+ operationId: getUserAddress
+ responses:
+ '200':
+ description: the user's address
+
+links:
+ address:
+ operationId: getUserAddressByUUID
+ parameters:
+ # get the `uuid` field from the `uuid` field in the response body
+ userUuid: $response.body#/uuid
+OperationRef Examples
+operationId MAY NOT be possible (the operationId is an optional
+value), references MAY also be made through a relative operationRef:
+links:
+ UserRepositories:
+ # returns array of '#/components/schemas/repository'
+ operationRef: '#/paths/~12.0~1repositories~1{username}/get'
+ parameters:
+ username: $response.body#/username
+operationRef:
+links:
+ UserRepositories:
+ # returns array of '#/components/schemas/repository'
+ operationRef: 'https://na2.gigantic-server.com/#/paths/~12.0~1repositories~1{username}/get'
+ parameters:
+ username: $response.body#/username
+operationRef, the escaped forward-slash is necessary when
+using JSON references.Runtime Expressions
+
+
+ expression = ( "$url" | "$method" | "$statusCode" | "$request." source | "$response." source )
+ source = ( header-reference | query-reference | path-reference | body-reference )
+ header-reference = "header." token
+ query-reference = "query." name
+ path-reference = "path." name
+ body-reference = "body" ["#" fragment]
+ fragment = a JSON Pointer [RFC 6901](https://tools.ietf.org/html/rfc6901)
+ name = *( char )
+ char = as per RFC [7159](https://tools.ietf.org/html/rfc7159#section-7)
+ token = as per RFC [7230](https://tools.ietf.org/html/rfc7230#section-3.2.6)
+name identifier is case-sensitive, whereas token is not.Examples
+
+
+
+
+
+
+
+Source Location
+example expression
+notes
+
+
+HTTP Method
+$methodThe allowable values for the
+$method will be those for the HTTP operation.
+
+Requested media type
+$request.header.accept
+
+
+Request parameter
+$request.path.idRequest parameters MUST be declared in the
+parameters section of the parent operation or they cannot be evaluated. This includes request headers.
+
+Request body property
+$request.body#/user/uuidIn operations which accept payloads, references may be made to portions of the
+requestBody or the entire body.
+
+Request URL
+$url
+
+
+Response value
+$response.body#/statusIn operations which return payloads, references may be made to portions of the response body or the entire body.
+
+
+
+Response header
+$response.header.ServerSingle header values only are available
+{} curly braces.Header Object
+
+
+name MUST NOT be specified, it is given in the corresponding headers map.in MUST NOT be specified, it is implicitly in header.header (for example, style).Header Object Example
+integer:
+{
+ "description": "The number of allowed requests in the current period",
+ "schema": {
+ "type": "integer"
+ }
+}
+
+description: The number of allowed requests in the current period
+schema:
+ type: integer
+Tag Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ name
+stringREQUIRED. The name of the tag.
+
+
+ description
+stringA short description for the tag. CommonMark syntax MAY be used for rich text representation.
+
+
+
+ externalDocs
+External Documentation Object
+Additional external documentation for this tag.
+Tag Object Example
+
+{
+ "name": "pet",
+ "description": "Pets operations"
+}
+
+name: pet
+description: Pets operations
+Reference Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+
+ $ref
+stringREQUIRED. The reference string.
+Reference Object Example
+
+{
+ "$ref": "#/components/schemas/Pet"
+}
+
+$ref: '#/components/schemas/Pet'
+Relative Schema Document Example
+
+{
+ "$ref": "Pet.json"
+}
+
+$ref: Pet.yaml
+Relative Documents With Embedded Schema Example
+
+{
+ "$ref": "definitions.json#/Pet"
+}
+
+$ref: definitions.yaml#/Pet
+Schema Object
+Properties
+
+
+
+
+items MUST be present if the type is array.type is string, then default can be "foo" but cannot be 1.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ nullable
+booleanAllows sending a
+null value for the defined schema. Default value is false.
+
+ discriminator
+Discriminator Object
+Adds support for polymorphism. The discriminator is an object name that is used to differentiate between other schemas which may satisfy the payload description. See Composition and Inheritance for more details.
+
+
+ readOnly
+booleanRelevant only for Schema
+"properties" definitions. Declares the property as “read only”. This means that it MAY be sent as part of a response but SHOULD NOT be sent as part of the request. If the property is marked as readOnly being true and is in the required list, the required will take effect on the response only. A property MUST NOT be marked as both readOnly and writeOnly being true. Default value is false.
+
+ writeOnly
+booleanRelevant only for Schema
+"properties" definitions. Declares the property as “write only”. Therefore, it MAY be sent as part of a request but SHOULD NOT be sent as part of the response. If the property is marked as writeOnly being true and is in the required list, the required will take effect on the request only. A property MUST NOT be marked as both readOnly and writeOnly being true. Default value is false.
+
+ xml
+XML Object
+This MAY be used only on properties schemas. It has no effect on root schemas. Adds additional metadata to describe the XML representation of this property.
+
+
+ externalDocs
+External Documentation Object
+Additional external documentation for this schema.
+
+
+ example
+Any
+A free-form property to include an example of an instance for this schema. To represent examples that cannot be naturally represented in JSON or YAML, a string value can be used to contain the example with escaping where necessary.
+
+
+
+ deprecated
+booleanSpecifies that a schema is deprecated and SHOULD be transitioned out of usage. Default value is
+false.Composition and Inheritance (Polymorphism)
+allOf property of JSON Schema, in effect offering model composition.
+allOf takes an array of object definitions that are validated independently but together compose a single object.discriminator field.
+When used, the discriminator will be the name of the property that decides which schema definition validates the structure of the model.
+As such, the discriminator field MUST be a required field.
+There are two ways to define the value of a discriminator for an inheriting instance.
+
+XML Modeling
+Schema Object Examples
+Primitive Sample
+
+{
+ "type": "string",
+ "format": "email"
+}
+
+type: string
+format: email
+Simple Model
+
+{
+ "type": "object",
+ "required": [
+ "name"
+ ],
+ "properties": {
+ "name": {
+ "type": "string"
+ },
+ "address": {
+ "$ref": "#/components/schemas/Address"
+ },
+ "age": {
+ "type": "integer",
+ "format": "int32",
+ "minimum": 0
+ }
+ }
+}
+
+type: object
+required:
+- name
+properties:
+ name:
+ type: string
+ address:
+ $ref: '#/components/schemas/Address'
+ age:
+ type: integer
+ format: int32
+ minimum: 0
+Model with Map/Dictionary Properties
+
+{
+ "type": "object",
+ "additionalProperties": {
+ "type": "string"
+ }
+}
+
+type: object
+additionalProperties:
+ type: string
+
+{
+ "type": "object",
+ "additionalProperties": {
+ "$ref": "#/components/schemas/ComplexModel"
+ }
+}
+
+type: object
+additionalProperties:
+ $ref: '#/components/schemas/ComplexModel'
+Model with Example
+
+{
+ "type": "object",
+ "properties": {
+ "id": {
+ "type": "integer",
+ "format": "int64"
+ },
+ "name": {
+ "type": "string"
+ }
+ },
+ "required": [
+ "name"
+ ],
+ "example": {
+ "name": "Puma",
+ "id": 1
+ }
+}
+
+type: object
+properties:
+ id:
+ type: integer
+ format: int64
+ name:
+ type: string
+required:
+- name
+example:
+ name: Puma
+ id: 1
+Models with Composition
+
+{
+ "components": {
+ "schemas": {
+ "ErrorModel": {
+ "type": "object",
+ "required": [
+ "message",
+ "code"
+ ],
+ "properties": {
+ "message": {
+ "type": "string"
+ },
+ "code": {
+ "type": "integer",
+ "minimum": 100,
+ "maximum": 600
+ }
+ }
+ },
+ "ExtendedErrorModel": {
+ "allOf": [
+ {
+ "$ref": "#/components/schemas/ErrorModel"
+ },
+ {
+ "type": "object",
+ "required": [
+ "rootCause"
+ ],
+ "properties": {
+ "rootCause": {
+ "type": "string"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+}
+
+components:
+ schemas:
+ ErrorModel:
+ type: object
+ required:
+ - message
+ - code
+ properties:
+ message:
+ type: string
+ code:
+ type: integer
+ minimum: 100
+ maximum: 600
+ ExtendedErrorModel:
+ allOf:
+ - $ref: '#/components/schemas/ErrorModel'
+ - type: object
+ required:
+ - rootCause
+ properties:
+ rootCause:
+ type: string
+Models with Polymorphism Support
+
+{
+ "components": {
+ "schemas": {
+ "Pet": {
+ "type": "object",
+ "discriminator": {
+ "propertyName": "petType"
+ },
+ "properties": {
+ "name": {
+ "type": "string"
+ },
+ "petType": {
+ "type": "string"
+ }
+ },
+ "required": [
+ "name",
+ "petType"
+ ]
+ },
+ "Cat": {
+ "description": "A representation of a cat. Note that `Cat` will be used as the discriminator value.",
+ "allOf": [
+ {
+ "$ref": "#/components/schemas/Pet"
+ },
+ {
+ "type": "object",
+ "properties": {
+ "huntingSkill": {
+ "type": "string",
+ "description": "The measured skill for hunting",
+ "default": "lazy",
+ "enum": [
+ "clueless",
+ "lazy",
+ "adventurous",
+ "aggressive"
+ ]
+ }
+ },
+ "required": [
+ "huntingSkill"
+ ]
+ }
+ ]
+ },
+ "Dog": {
+ "description": "A representation of a dog. Note that `Dog` will be used as the discriminator value.",
+ "allOf": [
+ {
+ "$ref": "#/components/schemas/Pet"
+ },
+ {
+ "type": "object",
+ "properties": {
+ "packSize": {
+ "type": "integer",
+ "format": "int32",
+ "description": "the size of the pack the dog is from",
+ "default": 0,
+ "minimum": 0
+ }
+ },
+ "required": [
+ "packSize"
+ ]
+ }
+ ]
+ }
+ }
+ }
+}
+
+components:
+ schemas:
+ Pet:
+ type: object
+ discriminator:
+ propertyName: petType
+ properties:
+ name:
+ type: string
+ petType:
+ type: string
+ required:
+ - name
+ - petType
+ Cat: ## "Cat" will be used as the discriminator value
+ description: A representation of a cat
+ allOf:
+ - $ref: '#/components/schemas/Pet'
+ - type: object
+ properties:
+ huntingSkill:
+ type: string
+ description: The measured skill for hunting
+ enum:
+ - clueless
+ - lazy
+ - adventurous
+ - aggressive
+ required:
+ - huntingSkill
+ Dog: ## "Dog" will be used as the discriminator value
+ description: A representation of a dog
+ allOf:
+ - $ref: '#/components/schemas/Pet'
+ - type: object
+ properties:
+ packSize:
+ type: integer
+ format: int32
+ description: the size of the pack the dog is from
+ default: 0
+ minimum: 0
+ required:
+ - packSize
+Discriminator Object
+discriminator object can be used to aid in serialization, deserialization, and validation. The discriminator is a specific object in a schema which is used to inform the consumer of the specification of an alternative schema based on the value associated with it.Fixed Fields
+oneOf, anyOf, allOf.
+
+MyResponseType:
+ oneOf:
+ - $ref: '#/components/schemas/Cat'
+ - $ref: '#/components/schemas/Dog'
+ - $ref: '#/components/schemas/Lizard'
+Cat, Dog, or Lizard. In this case, a discriminator MAY act as a “hint” to shortcut validation and selection of the matching schema which may be a costly operation, depending on the complexity of the schema. We can then describe exactly which field tells us which schema to use:
+
+MyResponseType:
+ oneOf:
+ - $ref: '#/components/schemas/Cat'
+ - $ref: '#/components/schemas/Dog'
+ - $ref: '#/components/schemas/Lizard'
+ discriminator:
+ propertyName: pet_type
+pet_type MUST be present in the response payload, and the value will correspond to the name of a schema defined in the OAS document. Thus the response payload:
+
+{
+ "id": 12345,
+ "pet_type": "Cat"
+}
+Cat schema be used in conjunction with this payload.mapping definition MAY be used:
+
+MyResponseType:
+ oneOf:
+ - $ref: '#/components/schemas/Cat'
+ - $ref: '#/components/schemas/Dog'
+ - $ref: '#/components/schemas/Lizard'
+ - $ref: 'https://gigantic-server.com/schemas/Monster/schema.json'
+ discriminator:
+ propertyName: pet_type
+ mapping:
+ dog: '#/components/schemas/Dog'
+ monster: 'https://gigantic-server.com/schemas/Monster/schema.json'
+dog will map to the schema #/components/schemas/Dog, rather than the default (implicit) value of Dog. If the discriminator value does not match an implicit or explicit mapping, no schema can be determined and validation SHOULD fail. Mapping keys MUST be string values, but tooling MAY convert response values to strings for comparison.anyOf construct, the use of the discriminator can avoid ambiguity where multiple schemas may satisfy a single payload.oneOf and anyOf use cases, all possible schemas MUST be listed explicitly. To avoid redundancy, the discriminator MAY be added to a parent schema definition, and all schemas comprising the parent schema in an allOf construct may be used as an alternate schema.
+
+components:
+ schemas:
+ Pet:
+ type: object
+ required:
+ - pet_type
+ properties:
+ pet_type:
+ type: string
+ discriminator:
+ propertyName: pet_type
+ mapping:
+ cachorro: Dog
+ Cat:
+ allOf:
+ - $ref: '#/components/schemas/Pet'
+ - type: object
+ # all other properties specific to a `Cat`
+ properties:
+ name:
+ type: string
+ Dog:
+ allOf:
+ - $ref: '#/components/schemas/Pet'
+ - type: object
+ # all other properties specific to a `Dog`
+ properties:
+ bark:
+ type: string
+ Lizard:
+ allOf:
+ - $ref: '#/components/schemas/Pet'
+ - type: object
+ # all other properties specific to a `Lizard`
+ properties:
+ lovesRocks:
+ type: boolean
+
+
+{
+ "pet_type": "Cat",
+ "name": "misty"
+}
+Cat schema be used. Likewise this schema:
+
+{
+ "pet_type": "cachorro",
+ "bark": "soft"
+}
+Dog because of the definition in the mappings element.XML Object
+name property SHOULD be used to add that information.
+See examples for expected behavior.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ name
+stringReplaces the name of the element/attribute used for the described schema property. When defined within
+items, it will affect the name of the individual XML elements within the list. When defined alongside type being array (outside the items), it will affect the wrapping element and only if wrapped is true. If wrapped is false, it will be ignored.
+
+ namespace
+stringThe URI of the namespace definition. Value MUST be in the form of an absolute URI.
+
+
+ prefix
+stringThe prefix to be used for the name.
+
+
+ attribute
+booleanDeclares whether the property definition translates to an attribute instead of an element. Default value is
+false.
+
+
+ wrapped
+booleanMAY be used only for an array definition. Signifies whether the array is wrapped (for example,
+<books><book/><book/></books>) or unwrapped (<book/><book/>). Default value is false. The definition takes effect only when defined alongside type being array (outside the items).XML Object Examples
+No XML Element
+
+{
+ "animals": {
+ "type": "string"
+ }
+}
+
+animals:
+ type: string
+
+<animals>...</animals>
+wrapped is false by default):
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+
+<animals>...</animals>
+<animals>...</animals>
+<animals>...</animals>
+XML Name Replacement
+
+{
+ "animals": {
+ "type": "string",
+ "xml": {
+ "name": "animal"
+ }
+ }
+}
+
+animals:
+ type: string
+ xml:
+ name: animal
+
+<animal>...</animal>
+XML Attribute, Prefix and Namespace
+
+{
+ "Person": {
+ "type": "object",
+ "properties": {
+ "id": {
+ "type": "integer",
+ "format": "int32",
+ "xml": {
+ "attribute": true
+ }
+ },
+ "name": {
+ "type": "string",
+ "xml": {
+ "namespace": "http://example.com/schema/sample",
+ "prefix": "sample"
+ }
+ }
+ }
+ }
+}
+
+Person:
+ type: object
+ properties:
+ id:
+ type: integer
+ format: int32
+ xml:
+ attribute: true
+ name:
+ type: string
+ xml:
+ namespace: http://example.com/schema/sample
+ prefix: sample
+
+<Person id="123">
+ <sample:name xmlns:sample="http://example.com/schema/sample">example</sample:name>
+</Person>
+XML Arrays
+
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "xml": {
+ "name": "animal"
+ }
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ name: animal
+
+<animal>value</animal>
+<animal>value</animal>
+name property has no effect on the XML:
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "xml": {
+ "name": "animal"
+ }
+ },
+ "xml": {
+ "name": "aliens"
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ name: animal
+ xml:
+ name: aliens
+
+<animal>value</animal>
+<animal>value</animal>
+
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ },
+ "xml": {
+ "wrapped": true
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ wrapped: true
+
+<animals>
+ <animals>value</animals>
+ <animals>value</animals>
+</animals>
+
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "xml": {
+ "name": "animal"
+ }
+ },
+ "xml": {
+ "wrapped": true
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ name: animal
+ xml:
+ wrapped: true
+
+<animals>
+ <animal>value</animal>
+ <animal>value</animal>
+</animals>
+
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "xml": {
+ "name": "animal"
+ }
+ },
+ "xml": {
+ "name": "aliens",
+ "wrapped": true
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ name: animal
+ xml:
+ name: aliens
+ wrapped: true
+
+<aliens>
+ <animal>value</animal>
+ <animal>value</animal>
+</aliens>
+
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ },
+ "xml": {
+ "name": "aliens",
+ "wrapped": true
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ name: aliens
+ wrapped: true
+
+<aliens>
+ <aliens>value</aliens>
+ <aliens>value</aliens>
+</aliens>
+Security Scheme Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Applies To
+Description
+
+
+ type
+stringAny
+REQUIRED. The type of the security scheme. Valid values are
+"apiKey", "http", "oauth2", "openIdConnect".
+
+ description
+stringAny
+A short description for security scheme. CommonMark syntax MAY be used for rich text representation.
+
+
+ name
+stringapiKeyREQUIRED. The name of the header, query or cookie parameter to be used.
+
+
+ in
+stringapiKeyREQUIRED. The location of the API key. Valid values are
+"query", "header" or "cookie".
+
+ scheme
+stringhttpREQUIRED. The name of the HTTP Authorization scheme to be used in the Authorization header as defined in [[!RFC7235]].
+
+
+ bearerFormat
+stringhttp ("bearer")A hint to the client to identify how the bearer token is formatted. Bearer tokens are usually generated by an authorization server, so this information is primarily for documentation purposes.
+
+
+ flows
+OAuth Flows Object
+oauth2REQUIRED. An object containing configuration information for the flow types supported.
+
+
+
+ openIdConnectUrl
+stringopenIdConnectREQUIRED. OpenId Connect URL to discover OAuth2 configuration values. This MUST be in the form of a URL.
+Security Scheme Object Example
+Basic Authentication Sample
+
+{
+ "type": "http",
+ "scheme": "basic"
+}
+
+type: http
+scheme: basic
+API Key Sample
+
+{
+ "type": "apiKey",
+ "name": "api_key",
+ "in": "header"
+}
+
+type: apiKey
+name: api_key
+in: header
+JWT Bearer Sample
+
+{
+ "type": "http",
+ "scheme": "bearer",
+ "bearerFormat": "JWT",
+}
+
+type: http
+scheme: bearer
+bearerFormat: JWT
+Implicit OAuth2 Sample
+
+{
+ "type": "oauth2",
+ "flows": {
+ "implicit": {
+ "authorizationUrl": "https://example.com/api/oauth/dialog",
+ "scopes": {
+ "write:pets": "modify pets in your account",
+ "read:pets": "read your pets"
+ }
+ }
+ }
+}
+
+type: oauth2
+flows:
+ implicit:
+ authorizationUrl: https://example.com/api/oauth/dialog
+ scopes:
+ write:pets: modify pets in your account
+ read:pets: read your pets
+OAuth Flows Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ implicit
+OAuth Flow Object
+Configuration for the OAuth Implicit flow
+
+
+ password
+OAuth Flow Object
+Configuration for the OAuth Resource Owner Password flow
+
+
+ clientCredentials
+OAuth Flow Object
+Configuration for the OAuth Client Credentials flow. Previously called
+application in OpenAPI 2.0.
+
+
+ authorizationCode
+OAuth Flow Object
+Configuration for the OAuth Authorization Code flow. Previously called
+accessCode in OpenAPI 2.0.OAuth Flow Object
+Fixed Fields
+OAuth Flow Object Examples
+
+{
+ "type": "oauth2",
+ "flows": {
+ "implicit": {
+ "authorizationUrl": "https://example.com/api/oauth/dialog",
+ "scopes": {
+ "write:pets": "modify pets in your account",
+ "read:pets": "read your pets"
+ }
+ },
+ "authorizationCode": {
+ "authorizationUrl": "https://example.com/api/oauth/dialog",
+ "tokenUrl": "https://example.com/api/oauth/token",
+ "scopes": {
+ "write:pets": "modify pets in your account",
+ "read:pets": "read your pets"
+ }
+ }
+ }
+}
+
+type: oauth2
+flows:
+ implicit:
+ authorizationUrl: https://example.com/api/oauth/dialog
+ scopes:
+ write:pets: modify pets in your account
+ read:pets: read your pets
+ authorizationCode:
+ authorizationUrl: https://example.com/api/oauth/dialog
+ tokenUrl: https://example.com/api/oauth/token
+ scopes:
+ write:pets: modify pets in your account
+ read:pets: read your pets
+Security Requirement Object
+Patterned Fields
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ {name}
+[
+string]Each name MUST correspond to a security scheme which is declared in the Security Schemes under the Components Object. If the security scheme is of type
+"oauth2" or "openIdConnect", then the value is a list of scope names required for the execution. For other security scheme types, the array MUST be empty.Security Requirement Object Examples
+Non-OAuth2 Security Requirement
+
+{
+ "api_key": []
+}
+
+api_key: []
+OAuth2 Security Requirement
+
+{
+ "petstore_auth": [
+ "write:pets",
+ "read:pets"
+ ]
+}
+
+petstore_auth:
+- write:pets
+- read:pets
+Specification Extensions
+"x-".Security Filtering
+
+
+Appendix A: Revision History
+
+
+
+
diff --git a/docs/oas/v3.0.2.html b/docs/oas/v3.0.2.html
new file mode 100644
index 0000000000..62d24105fa
--- /dev/null
+++ b/docs/oas/v3.0.2.html
@@ -0,0 +1,4055 @@
+
+
+
+
+Version
+Date
+Notes
+
+
+3.0.1
+2017-12-06
+Patch release of the OpenAPI Specification 3.0.1
+
+
+3.0.0
+2017-07-26
+Release of the OpenAPI Specification 3.0.0
+
+
+3.0.0-rc2
+2017-06-16
+rc2 of the 3.0 specification
+
+
+3.0.0-rc1
+2017-04-27
+rc1 of the 3.0 specification
+
+
+3.0.0-rc0
+2017-02-28
+Implementer’s Draft of the 3.0 specification
+
+
+2.0
+2015-12-31
+Donation of Swagger 2.0 to the Open API Initiative
+
+
+2.0
+2014-09-08
+Release of Swagger 2.0
+
+
+1.2
+2014-03-14
+Initial release of the formal document.
+
+
+1.1
+2012-08-22
+Release of Swagger 1.1
+
+
+
+1.0
+2011-08-10
+First release of the Swagger Specification
+OpenAPI Specification v3.0.2
Status of This Document
The source-of-truth for the specification is the GitHub markdown file referenced above.OpenAPI Specification
+Version 3.0.2
+Introduction
+Definitions
+OpenAPI Document
+Path Templating
+Media Types
+
+
+ text/plain; charset=utf-8
+ application/json
+ application/vnd.github+json
+ application/vnd.github.v3+json
+ application/vnd.github.v3.raw+json
+ application/vnd.github.v3.text+json
+ application/vnd.github.v3.html+json
+ application/vnd.github.v3.full+json
+ application/vnd.github.v3.diff
+ application/vnd.github.v3.patch
+HTTP Status Codes
+Specification
+Versions
+major.minor portion of the semver (for example 3.0) SHALL designate the OAS feature set. Typically, .patch versions address errors in this document, not the feature set. Tooling which supports OAS 3.0 SHOULD be compatible with all OAS 3.0.* versions. The patch version SHOULD NOT be considered by tooling, making no distinction between 3.0.0 and 3.0.1 for example.minor version number) SHOULD NOT interfere with tooling developed to a lower minor version and same major version. Thus a hypothetical 3.1.0 specification SHOULD be usable with tooling designed for 3.0.0.openapi field which designates the semantic version of the OAS that it uses. (OAS 2.0 documents contain a top-level version field named swagger and value "2.0".)Format
+
+{
+ "field": [ 1, 2, 3 ]
+}
+
+
+Document Structure
+$ref fields MUST be used in the specification to reference those parts as follows from the JSON Schema definitions.openapi.json or openapi.yaml.Data Types
+integer as a type is also supported and is defined as a JSON number without a fraction or exponent part.
+null is not supported as a type (see nullable for an alternative solution).
+Models are defined using the Schema Object, which is an extended subset of JSON Schema Specification Wright Draft 00.format.
+OAS uses several known formats to define in fine detail the data type being used.
+However, to support documentation needs, the format property is an open string-valued property, and can have any value.
+Formats such as "email", "uuid", and so on, MAY be used even though undefined by this specification.
+Types that are not accompanied by a format property follow the type definition in the JSON Schema. Tools that do not recognize a specific format MAY default back to the type alone, as if the format is not specified.
+
+
+
+
+
+
+typeformatComments
+
+
+integerint32signed 32 bits
+
+
+integerint64signed 64 bits (a.k.a long)
+
+
+numberfloat
+
+
+numberdouble
+
+
+string
+
+
+
+stringbytebase64 encoded characters
+
+
+stringbinaryany sequence of octets
+
+
+boolean
+
+
+
+stringdateAs defined by
+full-date - [!RFC3339]
+
+stringdate-timeAs defined by
+date-time - [!RFC3339]
+
+
+stringpasswordA hint to UIs to obscure input.
+Rich Text Formatting
+description fields are noted as supporting CommonMark markdown formatting.
+Where OpenAPI tooling renders rich text it MUST support, at a minimum, markdown syntax as described by CommonMark 0.27. Tooling MAY choose to ignore some CommonMark features to address security concerns.Relative References in URLs
+Server Object as a Base URI.$ref are processed as per JSON Reference, using the URL of the current document as the base URI. See also the Reference Object.Schema
+OpenAPI Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ openapi
+stringREQUIRED. This string MUST be the semantic version number of the OpenAPI Specification version that the OpenAPI document uses. The
+openapi field SHOULD be used by tooling specifications and clients to interpret the OpenAPI document. This is not related to the API info.version string.
+
+ info
+Info Object
+REQUIRED. Provides metadata about the API. The metadata MAY be used by tooling as required.
+
+
+ servers
+[Server Object]
+An array of Server Objects, which provide connectivity information to a target server. If the
+servers property is not provided, or is an empty array, the default value would be a Server Object with a url value of /.
+
+ paths
+Paths Object
+REQUIRED. The available paths and operations for the API.
+
+
+ components
+Components Object
+An element to hold various schemas for the specification.
+
+
+ security
+[Security Requirement Object]
+A declaration of which security mechanisms can be used across the API. The list of values includes alternative security requirement objects that can be used. Only one of the security requirement objects need to be satisfied to authorize a request. Individual operations can override this definition.
+
+
+ tags
+[Tag Object]
+A list of tags used by the specification with additional metadata. The order of the tags can be used to reflect on their order by the parsing tools. Not all tags that are used by the Operation Object must be declared. The tags that are not declared MAY be organized randomly or based on the tools’ logic. Each tag name in the list MUST be unique.
+
+
+
+ externalDocs
+External Documentation Object
+Additional external documentation.
+Info Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ title
+stringREQUIRED. The title of the application.
+
+
+ description
+stringA short description of the application. CommonMark syntax MAY be used for rich text representation.
+
+
+ termsOfService
+stringA URL to the Terms of Service for the API. MUST be in the format of a URL.
+
+
+ contact
+Contact Object
+The contact information for the exposed API.
+
+
+ license
+License Object
+The license information for the exposed API.
+
+
+
+ version
+stringREQUIRED. The version of the OpenAPI document (which is distinct from the OpenAPI Specification version or the API implementation version).
+Info Object Example
+
+{
+ "title": "Sample Pet Store App",
+ "description": "This is a sample server for a pet store.",
+ "termsOfService": "http://example.com/terms/",
+ "contact": {
+ "name": "API Support",
+ "url": "http://www.example.com/support",
+ "email": "support@example.com"
+ },
+ "license": {
+ "name": "Apache 2.0",
+ "url": "https://www.apache.org/licenses/LICENSE-2.0.html"
+ },
+ "version": "1.0.1"
+}
+
+title: Sample Pet Store App
+description: This is a sample server for a pet store.
+termsOfService: http://example.com/terms/
+contact:
+ name: API Support
+ url: http://www.example.com/support
+ email: support@example.com
+license:
+ name: Apache 2.0
+ url: https://www.apache.org/licenses/LICENSE-2.0.html
+version: 1.0.1
+Contact Object
+Fixed Fields
+Contact Object Example
+
+{
+ "name": "API Support",
+ "url": "http://www.example.com/support",
+ "email": "support@example.com"
+}
+
+name: API Support
+url: http://www.example.com/support
+email: support@example.com
+License Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ name
+stringREQUIRED. The license name used for the API.
+
+
+
+ url
+stringA URL to the license used for the API. MUST be in the format of a URL.
+License Object Example
+
+{
+ "name": "Apache 2.0",
+ "url": "https://www.apache.org/licenses/LICENSE-2.0.html"
+}
+
+name: Apache 2.0
+url: https://www.apache.org/licenses/LICENSE-2.0.html
+Server Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ url
+stringREQUIRED. A URL to the target host. This URL supports Server Variables and MAY be relative, to indicate that the host location is relative to the location where the OpenAPI document is being served. Variable substitutions will be made when a variable is named in
+{brackets}.
+
+ description
+stringAn optional string describing the host designated by the URL. CommonMark syntax MAY be used for rich text representation.
+
+
+
+ variables
+Map[
+string, Server Variable Object]A map between a variable name and its value. The value is used for substitution in the server’s URL template.
+Server Object Example
+
+{
+ "url": "https://development.gigantic-server.com/v1",
+ "description": "Development server"
+}
+
+url: https://development.gigantic-server.com/v1
+description: Development server
+servers:
+{
+ "servers": [
+ {
+ "url": "https://development.gigantic-server.com/v1",
+ "description": "Development server"
+ },
+ {
+ "url": "https://staging.gigantic-server.com/v1",
+ "description": "Staging server"
+ },
+ {
+ "url": "https://api.gigantic-server.com/v1",
+ "description": "Production server"
+ }
+ ]
+}
+
+servers:
+- url: https://development.gigantic-server.com/v1
+ description: Development server
+- url: https://staging.gigantic-server.com/v1
+ description: Staging server
+- url: https://api.gigantic-server.com/v1
+ description: Production server
+
+{
+ "servers": [
+ {
+ "url": "https://{username}.gigantic-server.com:{port}/{basePath}",
+ "description": "The production API server",
+ "variables": {
+ "username": {
+ "default": "demo",
+ "description": "this value is assigned by the service provider, in this example `gigantic-server.com`"
+ },
+ "port": {
+ "enum": [
+ "8443",
+ "443"
+ ],
+ "default": "8443"
+ },
+ "basePath": {
+ "default": "v2"
+ }
+ }
+ }
+ ]
+}
+
+servers:
+- url: https://{username}.gigantic-server.com:{port}/{basePath}
+ description: The production API server
+ variables:
+ username:
+ # note! no enum here means it is an open value
+ default: demo
+ description: this value is assigned by the service provider, in this example `gigantic-server.com`
+ port:
+ enum:
+ - '8443'
+ - '443'
+ default: '8443'
+ basePath:
+ # open meaning there is the opportunity to use special base paths as assigned by the provider, default is `v2`
+ default: v2
+Server Variable Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ enum
+[
+string]An enumeration of string values to be used if the substitution options are from a limited set.
+
+
+ default
+stringREQUIRED. The default value to use for substitution, which SHALL be sent if an alternate value is not supplied. Note this behavior is different than the Schema Object’s treatment of default values, because in those cases parameter values are optional.
+
+
+
+ description
+stringAn optional description for the server variable. CommonMark syntax MAY be used for rich text representation.
+Components Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ schemas
+Map[
+string, Schema Object | Reference Object]An object to hold reusable Schema Objects.
+
+
+ responses
+Map[
+string, Response Object | Reference Object]An object to hold reusable Response Objects.
+
+
+ parameters
+Map[
+string, Parameter Object | Reference Object]An object to hold reusable Parameter Objects.
+
+
+ examples
+Map[
+string, Example Object | Reference Object]An object to hold reusable Example Objects.
+
+
+ requestBodies
+Map[
+string, Request Body Object | Reference Object]An object to hold reusable Request Body Objects.
+
+
+ headers
+Map[
+string, Header Object | Reference Object]An object to hold reusable Header Objects.
+
+
+ securitySchemes
+Map[
+string, Security Scheme Object | Reference Object]An object to hold reusable Security Scheme Objects.
+
+
+ links
+Map[
+string, Link Object | Reference Object]An object to hold reusable Link Objects.
+
+
+
+ callbacks
+Map[
+string, Callback Object | Reference Object]An object to hold reusable Callback Objects.
+^[a-zA-Z0-9\.\-_]+$.
+
+User
+User_1
+User_Name
+user-name
+my.org.User
+Components Object Example
+
+"components": {
+ "schemas": {
+ "GeneralError": {
+ "type": "object",
+ "properties": {
+ "code": {
+ "type": "integer",
+ "format": "int32"
+ },
+ "message": {
+ "type": "string"
+ }
+ }
+ },
+ "Category": {
+ "type": "object",
+ "properties": {
+ "id": {
+ "type": "integer",
+ "format": "int64"
+ },
+ "name": {
+ "type": "string"
+ }
+ }
+ },
+ "Tag": {
+ "type": "object",
+ "properties": {
+ "id": {
+ "type": "integer",
+ "format": "int64"
+ },
+ "name": {
+ "type": "string"
+ }
+ }
+ }
+ },
+ "parameters": {
+ "skipParam": {
+ "name": "skip",
+ "in": "query",
+ "description": "number of items to skip",
+ "required": true,
+ "schema": {
+ "type": "integer",
+ "format": "int32"
+ }
+ },
+ "limitParam": {
+ "name": "limit",
+ "in": "query",
+ "description": "max records to return",
+ "required": true,
+ "schema" : {
+ "type": "integer",
+ "format": "int32"
+ }
+ }
+ },
+ "responses": {
+ "NotFound": {
+ "description": "Entity not found."
+ },
+ "IllegalInput": {
+ "description": "Illegal input for operation."
+ },
+ "GeneralError": {
+ "description": "General Error",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GeneralError"
+ }
+ }
+ }
+ }
+ },
+ "securitySchemes": {
+ "api_key": {
+ "type": "apiKey",
+ "name": "api_key",
+ "in": "header"
+ },
+ "petstore_auth": {
+ "type": "oauth2",
+ "flows": {
+ "implicit": {
+ "authorizationUrl": "http://example.org/api/oauth/dialog",
+ "scopes": {
+ "write:pets": "modify pets in your account",
+ "read:pets": "read your pets"
+ }
+ }
+ }
+ }
+ }
+}
+
+components:
+ schemas:
+ GeneralError:
+ type: object
+ properties:
+ code:
+ type: integer
+ format: int32
+ message:
+ type: string
+ Category:
+ type: object
+ properties:
+ id:
+ type: integer
+ format: int64
+ name:
+ type: string
+ Tag:
+ type: object
+ properties:
+ id:
+ type: integer
+ format: int64
+ name:
+ type: string
+ parameters:
+ skipParam:
+ name: skip
+ in: query
+ description: number of items to skip
+ required: true
+ schema:
+ type: integer
+ format: int32
+ limitParam:
+ name: limit
+ in: query
+ description: max records to return
+ required: true
+ schema:
+ type: integer
+ format: int32
+ responses:
+ NotFound:
+ description: Entity not found.
+ IllegalInput:
+ description: Illegal input for operation.
+ GeneralError:
+ description: General Error
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GeneralError'
+ securitySchemes:
+ api_key:
+ type: apiKey
+ name: api_key
+ in: header
+ petstore_auth:
+ type: oauth2
+ flows:
+ implicit:
+ authorizationUrl: http://example.org/api/oauth/dialog
+ scopes:
+ write:pets: modify pets in your account
+ read:pets: read your pets
+Paths Object
+Server Object in order to construct the full URL. The Paths MAY be empty, due to ACL constraints.Patterned Fields
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ /{path}
+Path Item Object
+A relative path to an individual endpoint. The field name MUST begin with a slash. The path is appended (no relative URL resolution) to the expanded URL from the
+Server Object’s url field in order to construct the full URL. Path templating is allowed. When matching URLs, concrete (non-templated) paths would be matched before their templated counterparts. Templated paths with the same hierarchy but different templated names MUST NOT exist as they are identical. In case of ambiguous matching, it’s up to the tooling to decide which one to use.Path Templating Matching
+/pets/mine, will be matched first if used:
+
+ /pets/{petId}
+ /pets/mine
+
+
+ /pets/{petId}
+ /pets/{name}
+
+
+ /{entity}/me
+ /books/{id}
+Paths Object Example
+
+{
+ "/pets": {
+ "get": {
+ "description": "Returns all pets from the system that the user has access to",
+ "responses": {
+ "200": {
+ "description": "A list of pets.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/pet"
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+}
+
+/pets:
+ get:
+ description: Returns all pets from the system that the user has access to
+ responses:
+ '200':
+ description: A list of pets.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/pet'
+Path Item Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ $ref
+stringAllows for an external definition of this path item. The referenced structure MUST be in the format of a Path Item Object. If there are conflicts between the referenced definition and this Path Item’s definition, the behavior is undefined.
+
+
+ summary
+stringAn optional, string summary, intended to apply to all operations in this path.
+
+
+ description
+stringAn optional, string description, intended to apply to all operations in this path. CommonMark syntax MAY be used for rich text representation.
+
+
+ get
+Operation Object
+A definition of a GET operation on this path.
+
+
+ put
+Operation Object
+A definition of a PUT operation on this path.
+
+
+ post
+Operation Object
+A definition of a POST operation on this path.
+
+
+ delete
+Operation Object
+A definition of a DELETE operation on this path.
+
+
+ options
+Operation Object
+A definition of a OPTIONS operation on this path.
+
+
+ head
+Operation Object
+A definition of a HEAD operation on this path.
+
+
+ patch
+Operation Object
+A definition of a PATCH operation on this path.
+
+
+ trace
+Operation Object
+A definition of a TRACE operation on this path.
+
+
+ servers
+[Server Object]
+An alternative
+server array to service all operations in this path.
+
+
+ parameters
+[Parameter Object | Reference Object]
+A list of parameters that are applicable for all the operations described under this path. These parameters can be overridden at the operation level, but cannot be removed there. The list MUST NOT include duplicated parameters. A unique parameter is defined by a combination of a name and location. The list can use the Reference Object to link to parameters that are defined at the OpenAPI Object’s components/parameters.
+Path Item Object Example
+
+{
+ "get": {
+ "description": "Returns pets based on ID",
+ "summary": "Find pets by ID",
+ "operationId": "getPetsById",
+ "responses": {
+ "200": {
+ "description": "pet response",
+ "content": {
+ "*/*": {
+ "schema": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/Pet"
+ }
+ }
+ }
+ }
+ },
+ "default": {
+ "description": "error payload",
+ "content": {
+ "text/html": {
+ "schema": {
+ "$ref": "#/components/schemas/ErrorModel"
+ }
+ }
+ }
+ }
+ }
+ },
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of pet to use",
+ "required": true,
+ "schema": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "style": "simple"
+ }
+ ]
+}
+
+get:
+ description: Returns pets based on ID
+ summary: Find pets by ID
+ operationId: getPetsById
+ responses:
+ '200':
+ description: pet response
+ content:
+ '*/*' :
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/Pet'
+ default:
+ description: error payload
+ content:
+ 'text/html':
+ schema:
+ $ref: '#/components/schemas/ErrorModel'
+parameters:
+- name: id
+ in: path
+ description: ID of pet to use
+ required: true
+ schema:
+ type: array
+ style: simple
+ items:
+ type: string
+Operation Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ tags
+[
+string]A list of tags for API documentation control. Tags can be used for logical grouping of operations by resources or any other qualifier.
+
+
+ summary
+stringA short summary of what the operation does.
+
+
+ description
+stringA verbose explanation of the operation behavior. CommonMark syntax MAY be used for rich text representation.
+
+
+ externalDocs
+External Documentation Object
+Additional external documentation for this operation.
+
+
+ operationId
+stringUnique string used to identify the operation. The id MUST be unique among all operations described in the API. The operationId value is case-sensitive. Tools and libraries MAY use the operationId to uniquely identify an operation, therefore, it is RECOMMENDED to follow common programming naming conventions.
+
+
+ parameters
+[Parameter Object | Reference Object]
+A list of parameters that are applicable for this operation. If a parameter is already defined at the Path Item, the new definition will override it but can never remove it. The list MUST NOT include duplicated parameters. A unique parameter is defined by a combination of a name and location. The list can use the Reference Object to link to parameters that are defined at the OpenAPI Object’s components/parameters.
+
+
+ requestBody
+Request Body Object | Reference Object
+The request body applicable for this operation. The
+requestBody is only supported in HTTP methods where the HTTP 1.1 specification [[!RFC7231]] has explicitly defined semantics for request bodies. In other cases where the HTTP spec is vague, requestBody SHALL be ignored by consumers.
+
+ responses
+Responses Object
+REQUIRED. The list of possible responses as they are returned from executing this operation.
+
+
+ callbacks
+Map[
+string, Callback Object | Reference Object]A map of possible out-of band callbacks related to the parent operation. The key is a unique identifier for the Callback Object. Each value in the map is a Callback Object that describes a request that may be initiated by the API provider and the expected responses. The key value used to identify the callback object is an expression, evaluated at runtime, that identifies a URL to use for the callback operation.
+
+
+ deprecated
+booleanDeclares this operation to be deprecated. Consumers SHOULD refrain from usage of the declared operation. Default value is
+false.
+
+ security
+[Security Requirement Object]
+A declaration of which security mechanisms can be used for this operation. The list of values includes alternative security requirement objects that can be used. Only one of the security requirement objects need to be satisfied to authorize a request. This definition overrides any declared top-level
+security. To remove a top-level security declaration, an empty array can be used.
+
+
+ servers
+[Server Object]
+An alternative
+server array to service this operation. If an alternative server object is specified at the Path Item Object or Root level, it will be overridden by this value.Operation Object Example
+
+{
+ "tags": [
+ "pet"
+ ],
+ "summary": "Updates a pet in the store with form data",
+ "operationId": "updatePetWithForm",
+ "parameters": [
+ {
+ "name": "petId",
+ "in": "path",
+ "description": "ID of pet that needs to be updated",
+ "required": true,
+ "schema": {
+ "type": "string"
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "type": "object",
+ "properties": {
+ "name": {
+ "description": "Updated name of the pet",
+ "type": "string"
+ },
+ "status": {
+ "description": "Updated status of the pet",
+ "type": "string"
+ }
+ },
+ "required": ["status"]
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Pet updated.",
+ "content": {
+ "application/json": {},
+ "application/xml": {}
+ }
+ },
+ "405": {
+ "description": "Method Not Allowed",
+ "content": {
+ "application/json": {},
+ "application/xml": {}
+ }
+ }
+ },
+ "security": [
+ {
+ "petstore_auth": [
+ "write:pets",
+ "read:pets"
+ ]
+ }
+ ]
+}
+
+tags:
+- pet
+summary: Updates a pet in the store with form data
+operationId: updatePetWithForm
+parameters:
+- name: petId
+ in: path
+ description: ID of pet that needs to be updated
+ required: true
+ schema:
+ type: string
+requestBody:
+ content:
+ 'application/x-www-form-urlencoded':
+ schema:
+ properties:
+ name:
+ description: Updated name of the pet
+ type: string
+ status:
+ description: Updated status of the pet
+ type: string
+ required:
+ - status
+responses:
+ '200':
+ description: Pet updated.
+ content:
+ 'application/json': {}
+ 'application/xml': {}
+ '405':
+ description: Method Not Allowed
+ content:
+ 'application/json': {}
+ 'application/xml': {}
+security:
+- petstore_auth:
+ - write:pets
+ - read:pets
+External Documentation Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ description
+stringA short description of the target documentation. CommonMark syntax MAY be used for rich text representation.
+
+
+
+ url
+stringREQUIRED. The URL for the target documentation. Value MUST be in the format of a URL.
+External Documentation Object Example
+
+{
+ "description": "Find more info here",
+ "url": "https://example.com"
+}
+
+description: Find more info here
+url: https://example.com
+Parameter Object
+Parameter Locations
+in field:
+
+/items/{itemId}, the path parameter is itemId./items?id=###, the query parameter is id.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ name
+stringREQUIRED. The name of the parameter. Parameter names are case sensitive.
+in is "path", the name field MUST correspond to the associated path segment from the path field in the Paths Object. See Path Templating for further information.in is "header" and the name field is "Accept", "Content-Type" or "Authorization", the parameter definition SHALL be ignored.name corresponds to the parameter name used by the in property.
+
+ in
+stringREQUIRED. The location of the parameter. Possible values are “query”, “header”, “path” or “cookie”.
+
+
+ description
+stringA brief description of the parameter. This could contain examples of use. CommonMark syntax MAY be used for rich text representation.
+
+
+ required
+booleanDetermines whether this parameter is mandatory. If the parameter location is “path”, this property is REQUIRED and its value MUST be
+true. Otherwise, the property MAY be included and its default value is false.
+
+ deprecated
+booleanSpecifies that a parameter is deprecated and SHOULD be transitioned out of usage. Default value is
+false.
+
+
+ allowEmptyValue
+booleanSets the ability to pass empty-valued parameters. This is valid only for
+query parameters and allows sending a parameter with an empty value. Default value is false. If style is used, and if behavior is n/a (cannot be serialized), the value of allowEmptyValue SHALL be ignored. Use of this property is NOT RECOMMENDED, as it is likely to be removed in a later revision.schema and style can describe the structure and syntax of the parameter.
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ style
+stringDescribes how the parameter value will be serialized depending on the type of the parameter value. Default values (based on value of
+in): for query - form; for path - simple; for header - simple; for cookie - form.
+
+ explode
+booleanWhen this is true, parameter values of type
+array or object generate separate parameters for each value of the array or key-value pair of the map. For other types of parameters this property has no effect. When style is form, the default value is true. For all other styles, the default value is false.
+
+ allowReserved
+booleanDetermines whether the parameter value SHOULD allow reserved characters, as defined by [[!RFC3986]]
+:/?#[]@!$&'()*+,;= to be included without percent-encoding. This property only applies to parameters with an in value of query. The default value is false.
+
+ schema
+Schema Object | Reference Object
+The schema defining the type used for the parameter.
+
+
+ example
+Any
+Example of the media type. The example SHOULD match the specified schema and encoding properties if present. The
+example field is mutually exclusive of the examples field. Furthermore, if referencing a schema which contains an example, the example value SHALL override the example provided by the schema. To represent examples of media types that cannot naturally be represented in JSON or YAML, a string value can contain the example with escaping where necessary.
+
+
+ examples
+Map[
+string, Example Object | Reference Object]Examples of the media type. Each example SHOULD contain a value in the correct format as specified in the parameter encoding. The
+examples field is mutually exclusive of the example field. Furthermore, if referencing a schema which contains an example, the examples value SHALL override the example provided by the schema.content property can define the media type and schema of the parameter.
+A parameter MUST contain either a schema property, or a content property, but not both.
+When example or examples are provided in conjunction with the schema object, the example MUST follow the prescribed serialization strategy for the parameter.
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+
+ content
+Map[
+string, Media Type Object]A map containing the representations for the parameter. The key is the media type and the value describes it. The map MUST only contain one entry.
+Style Values
+style values are defined.
+
+
+
+
+
+
+styletypeinComments
+
+
+matrix
+primitive, array, objectpathPath-style parameters defined by [[!RFC6570]]
+
+
+label
+primitive, array, objectpathLabel style parameters defined by [[!RFC6570]]
+
+
+form
+primitive, array, objectquery, cookieForm style parameters defined by [[!RFC6570]]. This option replaces
+collectionFormat with a csv (when explode is false) or multi (when explode is true) value from OpenAPI 2.0.
+
+simple
+arraypath, headerSimple style parameters defined by [[!RFC6570]]. This option replaces
+collectionFormat with a csv value from OpenAPI 2.0.
+
+spaceDelimited
+arrayquerySpace separated array values. This option replaces
+collectionFormat equal to ssv from OpenAPI 2.0.
+
+pipeDelimited
+arrayqueryPipe separated array values. This option replaces
+collectionFormat equal to pipes from OpenAPI 2.0.
+
+
+deepObject
+objectqueryProvides a simple way of rendering nested objects using form parameters.
+Style Examples
+color has one of the following values:
+
+ string -> "blue"
+ array -> ["blue","black","brown"]
+ object -> { "R": 100, "G": 200, "B": 150 }
+
+
+
+
+
+
+
+styleexplodeemptystringarrayobject
+
+matrix
+false
+;color
+;color=blue
+;color=blue,black,brown
+;color=R,100,G,200,B,150
+
+
+matrix
+true
+;color
+;color=blue
+;color=blue;color=black;color=brown
+;R=100;G=200;B=150
+
+
+label
+false
+.
+.blue
+.blue.black.brown
+.R.100.G.200.B.150
+
+
+label
+true
+.
+.blue
+.blue.black.brown
+.R=100.G=200.B=150
+
+
+form
+false
+color=
+color=blue
+color=blue,black,brown
+color=R,100,G,200,B,150
+
+
+form
+true
+color=
+color=blue
+color=blue&color=black&color=brown
+R=100&G=200&B=150
+
+
+simple
+false
+n/a
+blue
+blue,black,brown
+R,100,G,200,B,150
+
+
+simple
+true
+n/a
+blue
+blue,black,brown
+R=100,G=200,B=150
+
+
+spaceDelimited
+false
+n/a
+n/a
+blue%20black%20brown
+R%20100%20G%20200%20B%20150
+
+
+pipeDelimited
+false
+n/a
+n/a
+blue|black|brown
+R|100|G|200
+
+
+
+deepObject
+true
+n/a
+n/a
+n/a
+color[R]=100&color[G]=200&color[B]=150
+Parameter Object Examples
+
+{
+ "name": "token",
+ "in": "header",
+ "description": "token to be passed as a header",
+ "required": true,
+ "schema": {
+ "type": "array",
+ "items": {
+ "type": "integer",
+ "format": "int64"
+ }
+ },
+ "style": "simple"
+}
+
+name: token
+in: header
+description: token to be passed as a header
+required: true
+schema:
+ type: array
+ items:
+ type: integer
+ format: int64
+style: simple
+
+{
+ "name": "username",
+ "in": "path",
+ "description": "username to fetch",
+ "required": true,
+ "schema": {
+ "type": "string"
+ }
+}
+
+name: username
+in: path
+description: username to fetch
+required: true
+schema:
+ type: string
+
+{
+ "name": "id",
+ "in": "query",
+ "description": "ID of the object to fetch",
+ "required": false,
+ "schema": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "style": "form",
+ "explode": true
+}
+
+name: id
+in: query
+description: ID of the object to fetch
+required: false
+schema:
+ type: array
+ items:
+ type: string
+style: form
+explode: true
+
+{
+ "in": "query",
+ "name": "freeForm",
+ "schema": {
+ "type": "object",
+ "additionalProperties": {
+ "type": "integer"
+ },
+ },
+ "style": "form"
+}
+
+in: query
+name: freeForm
+schema:
+ type: object
+ additionalProperties:
+ type: integer
+style: form
+content to define serialization:
+{
+ "in": "query",
+ "name": "coordinates",
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "object",
+ "required": [
+ "lat",
+ "long"
+ ],
+ "properties": {
+ "lat": {
+ "type": "number"
+ },
+ "long": {
+ "type": "number"
+ }
+ }
+ }
+ }
+ }
+}
+
+in: query
+name: coordinates
+content:
+ application/json:
+ schema:
+ type: object
+ required:
+ - lat
+ - long
+ properties:
+ lat:
+ type: number
+ long:
+ type: number
+Request Body Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ description
+stringA brief description of the request body. This could contain examples of use. CommonMark syntax MAY be used for rich text representation.
+
+
+ content
+Map[
+string, Media Type Object]REQUIRED. The content of the request body. The key is a media type or media type range and the value describes it. For requests that match multiple keys, only the most specific key is applicable. e.g. text/plain overrides text/*
+
+
+
+ required
+booleanDetermines if the request body is required in the request. Defaults to
+false.Request Body Examples
+
+{
+ "description": "user to add to the system",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/User"
+ },
+ "examples": {
+ "user" : {
+ "summary": "User Example",
+ "externalValue": "http://foo.bar/examples/user-example.json"
+ }
+ }
+ },
+ "application/xml": {
+ "schema": {
+ "$ref": "#/components/schemas/User"
+ },
+ "examples": {
+ "user" : {
+ "summary": "User example in XML",
+ "externalValue": "http://foo.bar/examples/user-example.xml"
+ }
+ }
+ },
+ "text/plain": {
+ "examples": {
+ "user" : {
+ "summary": "User example in Plain text",
+ "externalValue": "http://foo.bar/examples/user-example.txt"
+ }
+ }
+ },
+ "*/*": {
+ "examples": {
+ "user" : {
+ "summary": "User example in other format",
+ "externalValue": "http://foo.bar/examples/user-example.whatever"
+ }
+ }
+ }
+ }
+}
+
+description: user to add to the system
+content:
+ 'application/json':
+ schema:
+ $ref: '#/components/schemas/User'
+ examples:
+ user:
+ summary: User Example
+ externalValue: 'http://foo.bar/examples/user-example.json'
+ 'application/xml':
+ schema:
+ $ref: '#/components/schemas/User'
+ examples:
+ user:
+ summary: User Example in XML
+ externalValue: 'http://foo.bar/examples/user-example.xml'
+ 'text/plain':
+ examples:
+ user:
+ summary: User example in text plain format
+ externalValue: 'http://foo.bar/examples/user-example.txt'
+ '*/*':
+ examples:
+ user:
+ summary: User example in other format
+ externalValue: 'http://foo.bar/examples/user-example.whatever'
+
+{
+ "description": "user to add to the system",
+ "content": {
+ "text/plain": {
+ "schema": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ }
+ }
+ }
+}
+
+description: user to add to the system
+required: true
+content:
+ text/plain:
+ schema:
+ type: array
+ items:
+ type: string
+Media Type Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ schema
+Schema Object | Reference Object
+The schema defining the content of the request, response, or parameter.
+
+
+ example
+Any
+Example of the media type. The example object SHOULD be in the correct format as specified by the media type. The
+example field is mutually exclusive of the examples field. Furthermore, if referencing a schema which contains an example, the example value SHALL override the example provided by the schema.
+
+ examples
+Map[
+string, Example Object | Reference Object]Examples of the media type. Each example object SHOULD match the media type and specified schema if present. The
+examples field is mutually exclusive of the example field. Furthermore, if referencing a schema which contains an example, the examples value SHALL override the example provided by the schema.
+
+
+ encoding
+Map[
+string, Encoding Object]A map between a property name and its encoding information. The key, being the property name, MUST exist in the schema as a property. The encoding object SHALL only apply to
+requestBody objects when the media type is multipart or application/x-www-form-urlencoded.Media Type Examples
+
+{
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/Pet"
+ },
+ "examples": {
+ "cat" : {
+ "summary": "An example of a cat",
+ "value":
+ {
+ "name": "Fluffy",
+ "petType": "Cat",
+ "color": "White",
+ "gender": "male",
+ "breed": "Persian"
+ }
+ },
+ "dog": {
+ "summary": "An example of a dog with a cat's name",
+ "value" : {
+ "name": "Puma",
+ "petType": "Dog",
+ "color": "Black",
+ "gender": "Female",
+ "breed": "Mixed"
+ },
+ "frog": {
+ "$ref": "#/components/examples/frog-example"
+ }
+ }
+ }
+ }
+}
+
+application/json:
+ schema:
+ $ref: "#/components/schemas/Pet"
+ examples:
+ cat:
+ summary: An example of a cat
+ value:
+ name: Fluffy
+ petType: Cat
+ color: White
+ gender: male
+ breed: Persian
+ dog:
+ summary: An example of a dog with a cat's name
+ value:
+ name: Puma
+ petType: Dog
+ color: Black
+ gender: Female
+ breed: Mixed
+ frog:
+ $ref: "#/components/examples/frog-example"
+Considerations for File Uploads
+file input/output content in OpenAPI is described with the same semantics as any other schema type. Specifically:
+# content transferred with base64 encoding
+schema:
+ type: string
+ format: base64
+
+# content transferred in binary (octet-stream):
+schema:
+ type: string
+ format: binary
+requestBody for submitting a file in a POST operation may look like the following example:
+requestBody:
+ content:
+ application/octet-stream:
+ # any media type is accepted, functionally equivalent to `*/*`
+ schema:
+ # a binary file of any type
+ type: string
+ format: binary
+
+# multiple, specific media types may be specified:
+requestBody:
+ content:
+ # a binary file of type png or jpeg
+ 'image/jpeg':
+ schema:
+ type: string
+ format: binary
+ 'image/png':
+ schema:
+ type: string
+ format: binary
+multipart media type MUST be used:
+requestBody:
+ content:
+ multipart/form-data:
+ schema:
+ properties:
+ # The property name 'file' will be used for all files.
+ file:
+ type: array
+ items:
+ type: string
+ format: binary
+
+Support for x-www-form-urlencoded Request Bodies
+
+requestBody:
+ content:
+ application/x-www-form-urlencoded:
+ schema:
+ type: object
+ properties:
+ id:
+ type: string
+ format: uuid
+ address:
+ # complex types are stringified to support RFC 1866
+ type: object
+ properties: {}
+requestBody MUST be stringified per [[!RFC1866]] when passed to the server. In addition, the address field complex object will be stringified.application/x-www-form-urlencoded content type, the default serialization strategy of such properties is described in the Encoding Object’s style property as form.Special Considerations for
+multipart Contentmultipart/form-data as a Content-Type when transferring request bodies to operations. In contrast to 2.0, a schema is REQUIRED to define the input parameters to the operation when using multipart content. This supports complex structures as well as supporting mechanisms for multiple file uploads.multipart types, boundaries MAY be used to separate sections of the content being transferred — thus, the following default Content-Types are defined for multipart:
+
+text/plainapplication/jsontype: string with format: binary or format: base64 (aka a file object), the default Content-Type is application/octet-stream
+requestBody:
+ content:
+ multipart/form-data:
+ schema:
+ type: object
+ properties:
+ id:
+ type: string
+ format: uuid
+ address:
+ # default Content-Type for objects is `application/json`
+ type: object
+ properties: {}
+ profileImage:
+ # default Content-Type for string/binary is `application/octet-stream`
+ type: string
+ format: binary
+ children:
+ # default Content-Type for arrays is based on the `inner` type (text/plain here)
+ type: array
+ items:
+ type: string
+ addresses:
+ # default Content-Type for arrays is based on the `inner` type (object shown, so `application/json` in this example)
+ type: array
+ items:
+ type: '#/components/schemas/Address'
+encoding attribute is introduced to give you control over the serialization of parts of multipart request bodies. This attribute is only applicable to multipart and application/x-www-form-urlencoded request bodies.Encoding Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ contentType
+stringThe Content-Type for encoding a specific property. Default value depends on the property type: for
+string with format being binary – application/octet-stream; for other primitive types – text/plain; for object - application/json; for array – the default is defined based on the inner type. The value can be a specific media type (e.g. application/json), a wildcard media type (e.g. image/*), or a comma-separated list of the two types.
+
+ headers
+Map[
+string, Header Object | Reference Object]A map allowing additional information to be provided as headers, for example
+Content-Disposition. Content-Type is described separately and SHALL be ignored in this section. This property SHALL be ignored if the request body media type is not a multipart.
+
+ style
+stringDescribes how a specific property value will be serialized depending on its type. See Parameter Object for details on the
+style property. The behavior follows the same values as query parameters, including default values. This property SHALL be ignored if the request body media type is not application/x-www-form-urlencoded.
+
+ explode
+booleanWhen this is true, property values of type
+array or object generate separate parameters for each value of the array, or key-value-pair of the map. For other types of properties this property has no effect. When style is form, the default value is true. For all other styles, the default value is false. This property SHALL be ignored if the request body media type is not application/x-www-form-urlencoded.
+
+
+ allowReserved
+booleanDetermines whether the parameter value SHOULD allow reserved characters, as defined by [[!RFC3986]]
+:/?#[]@!$&'()*+,;= to be included without percent-encoding. The default value is false. This property SHALL be ignored if the request body media type is not application/x-www-form-urlencoded.Encoding Object Example
+
+requestBody:
+ content:
+ multipart/mixed:
+ schema:
+ type: object
+ properties:
+ id:
+ # default is text/plain
+ type: string
+ format: uuid
+ address:
+ # default is application/json
+ type: object
+ properties: {}
+ historyMetadata:
+ # need to declare XML format!
+ description: metadata in XML format
+ type: object
+ properties: {}
+ profileImage:
+ # default is application/octet-stream, need to declare an image type only!
+ type: string
+ format: binary
+ encoding:
+ historyMetadata:
+ # require XML Content-Type in utf-8 encoding
+ contentType: application/xml; charset=utf-8
+ profileImage:
+ # only accept png/jpeg
+ contentType: image/png, image/jpeg
+ headers:
+ X-Rate-Limit-Limit:
+ description: The number of allowed requests in the current period
+ schema:
+ type: integer
+Responses Object
+default MAY be used as a default response object for all HTTP codes
+that are not covered individually by the specification.Responses Object MUST contain at least one response code, and it
+SHOULD be the response for a successful operation call.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+
+ default
+Response Object | Reference Object
+The documentation of responses other than the ones declared for specific HTTP response codes. Use this field to cover undeclared responses. A Reference Object can link to a response that the OpenAPI Object’s components/responses section defines.
+Patterned Fields
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ HTTP Status Code
+Response Object | Reference Object
+Any HTTP status code can be used as the property name, but only one property per code, to describe the expected response for that HTTP status code. A Reference Object can link to a response that is defined in the OpenAPI Object’s components/responses section. This field MUST be enclosed in quotation marks (for example, “200”) for compatibility between JSON and YAML. To define a range of response codes, this field MAY contain the uppercase wildcard character
+X. For example, 2XX represents all response codes between [200-299]. Only the following range definitions are allowed: 1XX, 2XX, 3XX, 4XX, and 5XX. If a response is defined using an explicit code, the explicit code definition takes precedence over the range definition for that code.Responses Object Example
+
+{
+ "200": {
+ "description": "a pet to be returned",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/Pet"
+ }
+ }
+ }
+ },
+ "default": {
+ "description": "Unexpected error",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ErrorModel"
+ }
+ }
+ }
+ }
+}
+
+'200':
+ description: a pet to be returned
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Pet'
+default:
+ description: Unexpected error
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ErrorModel'
+Response Object
+links to operations based on the response.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ description
+stringREQUIRED. A short description of the response. CommonMark syntax MAY be used for rich text representation.
+
+
+ headers
+Map[
+string, Header Object | Reference Object]Maps a header name to its definition. [[!RFC7230]] states header names are case insensitive. If a response header is defined with the name
+"Content-Type", it SHALL be ignored.
+
+ content
+Map[
+string, Media Type Object]A map containing descriptions of potential response payloads. The key is a media type or media type range and the value describes it. For responses that match multiple keys, only the most specific key is applicable. e.g. text/plain overrides text/*
+
+
+
+ links
+Map[
+string, Link Object | Reference Object]A map of operations links that can be followed from the response. The key of the map is a short name for the link, following the naming constraints of the names for Component Objects.
+Response Object Examples
+
+{
+ "description": "A complex object array response",
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/VeryComplexType"
+ }
+ }
+ }
+ }
+}
+
+description: A complex object array response
+content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/VeryComplexType'
+
+{
+ "description": "A simple string response",
+ "content": {
+ "text/plain": {
+ "schema": {
+ "type": "string"
+ }
+ }
+ }
+
+}
+
+description: A simple string response
+content:
+ text/plain:
+ schema:
+ type: string
+
+{
+ "description": "A simple string response",
+ "content": {
+ "text/plain": {
+ "schema": {
+ "type": "string"
+ }
+ }
+ },
+ "headers": {
+ "X-Rate-Limit-Limit": {
+ "description": "The number of allowed requests in the current period",
+ "schema": {
+ "type": "integer"
+ }
+ },
+ "X-Rate-Limit-Remaining": {
+ "description": "The number of remaining requests in the current period",
+ "schema": {
+ "type": "integer"
+ }
+ },
+ "X-Rate-Limit-Reset": {
+ "description": "The number of seconds left in the current period",
+ "schema": {
+ "type": "integer"
+ }
+ }
+ }
+}
+
+description: A simple string response
+content:
+ text/plain:
+ schema:
+ type: string
+ example: 'whoa!'
+headers:
+ X-Rate-Limit-Limit:
+ description: The number of allowed requests in the current period
+ schema:
+ type: integer
+ X-Rate-Limit-Remaining:
+ description: The number of remaining requests in the current period
+ schema:
+ type: integer
+ X-Rate-Limit-Reset:
+ description: The number of seconds left in the current period
+ schema:
+ type: integer
+
+{
+ "description": "object created"
+}
+
+description: object created
+Callback Object
+Patterned Fields
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ {expression}
+Path Item Object
+A Path Item Object used to define a callback request and expected responses. A complete example is available.
+Key Expression
+$request.body#/url.
+However, using a runtime expression the complete HTTP message can be accessed.
+This includes accessing any part of a body that a JSON Pointer [[!RFC6901]] can reference.
+POST /subscribe/myevent?queryUrl=http://clientdomain.com/stillrunning HTTP/1.1
+Host: example.org
+Content-Type: application/json
+Content-Length: 187
+
+{
+ "failedUrl" : "http://clientdomain.com/failed",
+ "successUrls" : [
+ "http://clientdomain.com/fast",
+ "http://clientdomain.com/medium",
+ "http://clientdomain.com/slow"
+ ]
+}
+
+201 Created
+Location: http://example.org/subscription/1
+eventType and a query parameter named queryUrl.
+
+
+
+
+
+
+Expression
+Value
+
+
+$url
+http://example.org/subscribe/myevent?queryUrl=http://clientdomain.com/stillrunning
+
+
+$method
+POST
+
+
+$request.path.eventType
+myevent
+
+
+$request.query.queryUrl
+http://clientdomain.com/stillrunning
+
+
+$request.header.content-Type
+application/json
+
+
+$request.body#/failedUrl
+http://clientdomain.com/failed
+
+
+$request.body#/successUrls/2
+http://clientdomain.com/medium
+
+
+
+$response.header.Location
+http://example.org/subscription/1
+Callback Object Example
+id and email property in the request body.
+myWebhook:
+ 'http://notificationServer.com?transactionId={$request.body#/id}&email={$request.body#/email}':
+ post:
+ requestBody:
+ description: Callback payload
+ content:
+ 'application/json':
+ schema:
+ $ref: '#/components/schemas/SomePayload'
+ responses:
+ '200':
+ description: webhook successfully processed and no retries will be performed
+Example Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ summary
+stringShort description for the example.
+
+
+ description
+stringLong description for the example. CommonMark syntax MAY be used for rich text representation.
+
+
+ value
+Any
+Embedded literal example. The
+value field and externalValue field are mutually exclusive. To represent examples of media types that cannot naturally represented in JSON or YAML, use a string value to contain the example, escaping where necessary.
+
+
+ externalValue
+stringA URL that points to the literal example. This provides the capability to reference examples that cannot easily be included in JSON or YAML documents. The
+value field and externalValue field are mutually exclusive.Example Object Examples
+
+schemas:
+ properties:
+ name:
+ type: string
+ examples:
+ name:
+ $ref: http://example.org/petapi-examples/openapi.json#/components/examples/name-example
+
+requestBody:
+ content:
+ 'application/json':
+ schema:
+ $ref: '#/components/schemas/Address'
+ examples:
+ foo:
+ summary: A foo example
+ value: {"foo": "bar"}
+ bar:
+ summary: A bar example
+ value: {"bar": "baz"}
+ 'application/xml':
+ examples:
+ xmlExample:
+ summary: This is an example in XML
+ externalValue: 'http://example.org/examples/address-example.xml'
+ 'text/plain':
+ examples:
+ textExample:
+ summary: This is a text example
+ externalValue: 'http://foo.bar/examples/address-example.txt'
+
+parameters:
+ - name: 'zipCode'
+ in: 'query'
+ schema:
+ type: 'string'
+ format: 'zip-code'
+ examples:
+ zip-example:
+ $ref: '#/components/examples/zip-example'
+
+responses:
+ '200':
+ description: your car appointment has been booked
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SuccessResponse'
+ examples:
+ confirmation-success:
+ $ref: '#/components/examples/confirmation-success'
+Link Object
+Link object represents a possible design-time link for a response.
+The presence of a link does not guarantee the caller’s ability to successfully invoke it, rather it provides a known relationship and traversal mechanism between responses and other operations.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ operationRef
+stringA relative or absolute reference to an OAS operation. This field is mutually exclusive of the
+operationId field, and MUST point to an Operation Object. Relative operationRef values MAY be used to locate an existing Operation Object in the OpenAPI definition.
+
+ operationId
+stringThe name of an existing, resolvable OAS operation, as defined with a unique
+operationId. This field is mutually exclusive of the operationRef field.
+
+ parameters
+Map[
+string, Any | {expression}]A map representing parameters to pass to an operation as specified with
+operationId or identified via operationRef. The key is the parameter name to be used, whereas the value can be a constant or an expression to be evaluated and passed to the linked operation. The parameter name can be qualified using the parameter location [{in}.]{name} for operations that use the same parameter name in different locations (e.g. path.id).
+
+ requestBody
+Any | {expression}
+A literal value or {expression} to use as a request body when calling the target operation.
+
+
+ description
+stringA description of the link. CommonMark syntax MAY be used for rich text representation.
+
+
+
+ server
+Server Object
+A server object to be used by the target operation.
+operationRef or operationId.
+In the case of an operationId, it MUST be unique and resolved in the scope of the OAS document.
+Because of the potential for name clashes, the operationRef syntax is preferred
+for specifications with external references.Examples
+$request.path.id is used to pass a request parameter to the linked operation.
+paths:
+ /users/{id}:
+ parameters:
+ - name: id
+ in: path
+ required: true
+ description: the user identifier, as userId
+ schema:
+ type: string
+ get:
+ responses:
+ '200':
+ description: the user being returned
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ uuid: # the unique user id
+ type: string
+ format: uuid
+ links:
+ address:
+ # the target link operationId
+ operationId: getUserAddress
+ parameters:
+ # get the `id` field from the request path parameter named `id`
+ userId: $request.path.id
+ # the path item of the linked operation
+ /users/{userid}/address:
+ parameters:
+ - name: userid
+ in: path
+ required: true
+ description: the user identifier, as userId
+ schema:
+ type: string
+ # linked operation
+ get:
+ operationId: getUserAddress
+ responses:
+ '200':
+ description: the user's address
+
+links:
+ address:
+ operationId: getUserAddressByUUID
+ parameters:
+ # get the `uuid` field from the `uuid` field in the response body
+ userUuid: $response.body#/uuid
+OperationRef Examples
+operationId MAY NOT be possible (the operationId is an optional
+value), references MAY also be made through a relative operationRef:
+links:
+ UserRepositories:
+ # returns array of '#/components/schemas/repository'
+ operationRef: '#/paths/~12.0~1repositories~1{username}/get'
+ parameters:
+ username: $response.body#/username
+operationRef:
+links:
+ UserRepositories:
+ # returns array of '#/components/schemas/repository'
+ operationRef: 'https://na2.gigantic-server.com/#/paths/~12.0~1repositories~1{username}/get'
+ parameters:
+ username: $response.body#/username
+operationRef, the escaped forward-slash is necessary when
+using JSON references.Runtime Expressions
+
+
+ expression = ( "$url" | "$method" | "$statusCode" | "$request." source | "$response." source )
+ source = ( header-reference | query-reference | path-reference | body-reference )
+ header-reference = "header." token
+ query-reference = "query." name
+ path-reference = "path." name
+ body-reference = "body" ["#" fragment]
+ fragment = a JSON Pointer [RFC 6901](https://tools.ietf.org/html/rfc6901)
+ name = *( char )
+ char = as per RFC [7159](https://tools.ietf.org/html/rfc7159#section-7)
+ token = as per RFC [7230](https://tools.ietf.org/html/rfc7230#section-3.2.6)
+name identifier is case-sensitive, whereas token is not.Examples
+
+
+
+
+
+
+
+Source Location
+example expression
+notes
+
+
+HTTP Method
+$methodThe allowable values for the
+$method will be those for the HTTP operation.
+
+Requested media type
+$request.header.accept
+
+
+Request parameter
+$request.path.idRequest parameters MUST be declared in the
+parameters section of the parent operation or they cannot be evaluated. This includes request headers.
+
+Request body property
+$request.body#/user/uuidIn operations which accept payloads, references may be made to portions of the
+requestBody or the entire body.
+
+Request URL
+$url
+
+
+Response value
+$response.body#/statusIn operations which return payloads, references may be made to portions of the response body or the entire body.
+
+
+
+Response header
+$response.header.ServerSingle header values only are available
+{} curly braces.Header Object
+
+
+name MUST NOT be specified, it is given in the corresponding headers map.in MUST NOT be specified, it is implicitly in header.header (for example, style).Header Object Example
+integer:
+{
+ "description": "The number of allowed requests in the current period",
+ "schema": {
+ "type": "integer"
+ }
+}
+
+description: The number of allowed requests in the current period
+schema:
+ type: integer
+Tag Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ name
+stringREQUIRED. The name of the tag.
+
+
+ description
+stringA short description for the tag. CommonMark syntax MAY be used for rich text representation.
+
+
+
+ externalDocs
+External Documentation Object
+Additional external documentation for this tag.
+Tag Object Example
+
+{
+ "name": "pet",
+ "description": "Pets operations"
+}
+
+name: pet
+description: Pets operations
+Reference Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+
+ $ref
+stringREQUIRED. The reference string.
+Reference Object Example
+
+{
+ "$ref": "#/components/schemas/Pet"
+}
+
+$ref: '#/components/schemas/Pet'
+Relative Schema Document Example
+
+{
+ "$ref": "Pet.json"
+}
+
+$ref: Pet.yaml
+Relative Documents With Embedded Schema Example
+
+{
+ "$ref": "definitions.json#/Pet"
+}
+
+$ref: definitions.yaml#/Pet
+Schema Object
+Properties
+
+
+
+
+items MUST be present if the type is array.additionalProperties defaults to true.type is string, then default can be "foo" but cannot be 1.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ nullable
+booleanAllows sending a
+null value for the defined schema. Default value is false.
+
+ discriminator
+Discriminator Object
+Adds support for polymorphism. The discriminator is an object name that is used to differentiate between other schemas which may satisfy the payload description. See Composition and Inheritance for more details.
+
+
+ readOnly
+booleanRelevant only for Schema
+"properties" definitions. Declares the property as “read only”. This means that it MAY be sent as part of a response but SHOULD NOT be sent as part of the request. If the property is marked as readOnly being true and is in the required list, the required will take effect on the response only. A property MUST NOT be marked as both readOnly and writeOnly being true. Default value is false.
+
+ writeOnly
+booleanRelevant only for Schema
+"properties" definitions. Declares the property as “write only”. Therefore, it MAY be sent as part of a request but SHOULD NOT be sent as part of the response. If the property is marked as writeOnly being true and is in the required list, the required will take effect on the request only. A property MUST NOT be marked as both readOnly and writeOnly being true. Default value is false.
+
+ xml
+XML Object
+This MAY be used only on properties schemas. It has no effect on root schemas. Adds additional metadata to describe the XML representation of this property.
+
+
+ externalDocs
+External Documentation Object
+Additional external documentation for this schema.
+
+
+ example
+Any
+A free-form property to include an example of an instance for this schema. To represent examples that cannot be naturally represented in JSON or YAML, a string value can be used to contain the example with escaping where necessary.
+
+
+
+ deprecated
+booleanSpecifies that a schema is deprecated and SHOULD be transitioned out of usage. Default value is
+false.Composition and Inheritance (Polymorphism)
+allOf property of JSON Schema, in effect offering model composition.
+allOf takes an array of object definitions that are validated independently but together compose a single object.discriminator field.
+When used, the discriminator will be the name of the property that decides which schema definition validates the structure of the model.
+As such, the discriminator field MUST be a required field.
+There are two ways to define the value of a discriminator for an inheriting instance.
+
+XML Modeling
+Schema Object Examples
+Primitive Sample
+
+{
+ "type": "string",
+ "format": "email"
+}
+
+type: string
+format: email
+Simple Model
+
+{
+ "type": "object",
+ "required": [
+ "name"
+ ],
+ "properties": {
+ "name": {
+ "type": "string"
+ },
+ "address": {
+ "$ref": "#/components/schemas/Address"
+ },
+ "age": {
+ "type": "integer",
+ "format": "int32",
+ "minimum": 0
+ }
+ }
+}
+
+type: object
+required:
+- name
+properties:
+ name:
+ type: string
+ address:
+ $ref: '#/components/schemas/Address'
+ age:
+ type: integer
+ format: int32
+ minimum: 0
+Model with Map/Dictionary Properties
+
+{
+ "type": "object",
+ "additionalProperties": {
+ "type": "string"
+ }
+}
+
+type: object
+additionalProperties:
+ type: string
+
+{
+ "type": "object",
+ "additionalProperties": {
+ "$ref": "#/components/schemas/ComplexModel"
+ }
+}
+
+type: object
+additionalProperties:
+ $ref: '#/components/schemas/ComplexModel'
+Model with Example
+
+{
+ "type": "object",
+ "properties": {
+ "id": {
+ "type": "integer",
+ "format": "int64"
+ },
+ "name": {
+ "type": "string"
+ }
+ },
+ "required": [
+ "name"
+ ],
+ "example": {
+ "name": "Puma",
+ "id": 1
+ }
+}
+
+type: object
+properties:
+ id:
+ type: integer
+ format: int64
+ name:
+ type: string
+required:
+- name
+example:
+ name: Puma
+ id: 1
+Models with Composition
+
+{
+ "components": {
+ "schemas": {
+ "ErrorModel": {
+ "type": "object",
+ "required": [
+ "message",
+ "code"
+ ],
+ "properties": {
+ "message": {
+ "type": "string"
+ },
+ "code": {
+ "type": "integer",
+ "minimum": 100,
+ "maximum": 600
+ }
+ }
+ },
+ "ExtendedErrorModel": {
+ "allOf": [
+ {
+ "$ref": "#/components/schemas/ErrorModel"
+ },
+ {
+ "type": "object",
+ "required": [
+ "rootCause"
+ ],
+ "properties": {
+ "rootCause": {
+ "type": "string"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+}
+
+components:
+ schemas:
+ ErrorModel:
+ type: object
+ required:
+ - message
+ - code
+ properties:
+ message:
+ type: string
+ code:
+ type: integer
+ minimum: 100
+ maximum: 600
+ ExtendedErrorModel:
+ allOf:
+ - $ref: '#/components/schemas/ErrorModel'
+ - type: object
+ required:
+ - rootCause
+ properties:
+ rootCause:
+ type: string
+Models with Polymorphism Support
+
+{
+ "components": {
+ "schemas": {
+ "Pet": {
+ "type": "object",
+ "discriminator": {
+ "propertyName": "petType"
+ },
+ "properties": {
+ "name": {
+ "type": "string"
+ },
+ "petType": {
+ "type": "string"
+ }
+ },
+ "required": [
+ "name",
+ "petType"
+ ]
+ },
+ "Cat": {
+ "description": "A representation of a cat. Note that `Cat` will be used as the discriminator value.",
+ "allOf": [
+ {
+ "$ref": "#/components/schemas/Pet"
+ },
+ {
+ "type": "object",
+ "properties": {
+ "huntingSkill": {
+ "type": "string",
+ "description": "The measured skill for hunting",
+ "default": "lazy",
+ "enum": [
+ "clueless",
+ "lazy",
+ "adventurous",
+ "aggressive"
+ ]
+ }
+ },
+ "required": [
+ "huntingSkill"
+ ]
+ }
+ ]
+ },
+ "Dog": {
+ "description": "A representation of a dog. Note that `Dog` will be used as the discriminator value.",
+ "allOf": [
+ {
+ "$ref": "#/components/schemas/Pet"
+ },
+ {
+ "type": "object",
+ "properties": {
+ "packSize": {
+ "type": "integer",
+ "format": "int32",
+ "description": "the size of the pack the dog is from",
+ "default": 0,
+ "minimum": 0
+ }
+ },
+ "required": [
+ "packSize"
+ ]
+ }
+ ]
+ }
+ }
+ }
+}
+
+components:
+ schemas:
+ Pet:
+ type: object
+ discriminator:
+ propertyName: petType
+ properties:
+ name:
+ type: string
+ petType:
+ type: string
+ required:
+ - name
+ - petType
+ Cat: ## "Cat" will be used as the discriminator value
+ description: A representation of a cat
+ allOf:
+ - $ref: '#/components/schemas/Pet'
+ - type: object
+ properties:
+ huntingSkill:
+ type: string
+ description: The measured skill for hunting
+ enum:
+ - clueless
+ - lazy
+ - adventurous
+ - aggressive
+ required:
+ - huntingSkill
+ Dog: ## "Dog" will be used as the discriminator value
+ description: A representation of a dog
+ allOf:
+ - $ref: '#/components/schemas/Pet'
+ - type: object
+ properties:
+ packSize:
+ type: integer
+ format: int32
+ description: the size of the pack the dog is from
+ default: 0
+ minimum: 0
+ required:
+ - packSize
+Discriminator Object
+discriminator object can be used to aid in serialization, deserialization, and validation. The discriminator is a specific object in a schema which is used to inform the consumer of the specification of an alternative schema based on the value associated with it.Fixed Fields
+oneOf, anyOf, allOf.
+MyResponseType:
+ oneOf:
+ - $ref: '#/components/schemas/Cat'
+ - $ref: '#/components/schemas/Dog'
+ - $ref: '#/components/schemas/Lizard'
+Cat, Dog, or Lizard. In this case, a discriminator MAY act as a “hint” to shortcut validation and selection of the matching schema which may be a costly operation, depending on the complexity of the schema. We can then describe exactly which field tells us which schema to use:
+MyResponseType:
+ oneOf:
+ - $ref: '#/components/schemas/Cat'
+ - $ref: '#/components/schemas/Dog'
+ - $ref: '#/components/schemas/Lizard'
+ discriminator:
+ propertyName: petType
+petType MUST be present in the response payload, and the value will correspond to the name of a schema defined in the OAS document. Thus the response payload:
+{
+ "id": 12345,
+ "petType": "Cat"
+}
+Cat schema be used in conjunction with this payload.mapping definition MAY be used:
+MyResponseType:
+ oneOf:
+ - $ref: '#/components/schemas/Cat'
+ - $ref: '#/components/schemas/Dog'
+ - $ref: '#/components/schemas/Lizard'
+ - $ref: 'https://gigantic-server.com/schemas/Monster/schema.json'
+ discriminator:
+ propertyName: petType
+ mapping:
+ dog: '#/components/schemas/Dog'
+ monster: 'https://gigantic-server.com/schemas/Monster/schema.json'
+dog will map to the schema #/components/schemas/Dog, rather than the default (implicit) value of Dog. If the discriminator value does not match an implicit or explicit mapping, no schema can be determined and validation SHOULD fail. Mapping keys MUST be string values, but tooling MAY convert response values to strings for comparison.anyOf construct, the use of the discriminator can avoid ambiguity where multiple schemas may satisfy a single payload.oneOf and anyOf use cases, all possible schemas MUST be listed explicitly. To avoid redundancy, the discriminator MAY be added to a parent schema definition, and all schemas comprising the parent schema in an allOf construct may be used as an alternate schema.
+components:
+ schemas:
+ Pet:
+ type: object
+ required:
+ - petType
+ properties:
+ petType:
+ type: string
+ discriminator:
+ propertyName: petType
+ mapping:
+ dog: Dog
+ Cat:
+ allOf:
+ - $ref: '#/components/schemas/Pet'
+ - type: object
+ # all other properties specific to a `Cat`
+ properties:
+ name:
+ type: string
+ Dog:
+ allOf:
+ - $ref: '#/components/schemas/Pet'
+ - type: object
+ # all other properties specific to a `Dog`
+ properties:
+ bark:
+ type: string
+ Lizard:
+ allOf:
+ - $ref: '#/components/schemas/Pet'
+ - type: object
+ # all other properties specific to a `Lizard`
+ properties:
+ lovesRocks:
+ type: boolean
+
+{
+ "petType": "Cat",
+ "name": "misty"
+}
+Cat schema be used. Likewise this schema:
+{
+ "petType": "dog",
+ "bark": "soft"
+}
+Dog because of the definition in the mappings element.XML Object
+name property SHOULD be used to add that information.
+See examples for expected behavior.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ name
+stringReplaces the name of the element/attribute used for the described schema property. When defined within
+items, it will affect the name of the individual XML elements within the list. When defined alongside type being array (outside the items), it will affect the wrapping element and only if wrapped is true. If wrapped is false, it will be ignored.
+
+ namespace
+stringThe URI of the namespace definition. Value MUST be in the form of an absolute URI.
+
+
+ prefix
+stringThe prefix to be used for the name.
+
+
+ attribute
+booleanDeclares whether the property definition translates to an attribute instead of an element. Default value is
+false.
+
+
+ wrapped
+booleanMAY be used only for an array definition. Signifies whether the array is wrapped (for example,
+<books><book/><book/></books>) or unwrapped (<book/><book/>). Default value is false. The definition takes effect only when defined alongside type being array (outside the items).XML Object Examples
+No XML Element
+
+{
+ "animals": {
+ "type": "string"
+ }
+}
+
+animals:
+ type: string
+
+<animals>...</animals>
+wrapped is false by default):
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+
+<animals>...</animals>
+<animals>...</animals>
+<animals>...</animals>
+XML Name Replacement
+
+{
+ "animals": {
+ "type": "string",
+ "xml": {
+ "name": "animal"
+ }
+ }
+}
+
+animals:
+ type: string
+ xml:
+ name: animal
+
+<animal>...</animal>
+XML Attribute, Prefix and Namespace
+
+{
+ "Person": {
+ "type": "object",
+ "properties": {
+ "id": {
+ "type": "integer",
+ "format": "int32",
+ "xml": {
+ "attribute": true
+ }
+ },
+ "name": {
+ "type": "string",
+ "xml": {
+ "namespace": "http://example.com/schema/sample",
+ "prefix": "sample"
+ }
+ }
+ }
+ }
+}
+
+Person:
+ type: object
+ properties:
+ id:
+ type: integer
+ format: int32
+ xml:
+ attribute: true
+ name:
+ type: string
+ xml:
+ namespace: http://example.com/schema/sample
+ prefix: sample
+
+<Person id="123">
+ <sample:name xmlns:sample="http://example.com/schema/sample">example</sample:name>
+</Person>
+XML Arrays
+
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "xml": {
+ "name": "animal"
+ }
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ name: animal
+
+<animal>value</animal>
+<animal>value</animal>
+name property has no effect on the XML:
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "xml": {
+ "name": "animal"
+ }
+ },
+ "xml": {
+ "name": "aliens"
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ name: animal
+ xml:
+ name: aliens
+
+<animal>value</animal>
+<animal>value</animal>
+
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ },
+ "xml": {
+ "wrapped": true
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ wrapped: true
+
+<animals>
+ <animals>value</animals>
+ <animals>value</animals>
+</animals>
+
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "xml": {
+ "name": "animal"
+ }
+ },
+ "xml": {
+ "wrapped": true
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ name: animal
+ xml:
+ wrapped: true
+
+<animals>
+ <animal>value</animal>
+ <animal>value</animal>
+</animals>
+
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "xml": {
+ "name": "animal"
+ }
+ },
+ "xml": {
+ "name": "aliens",
+ "wrapped": true
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ name: animal
+ xml:
+ name: aliens
+ wrapped: true
+
+<aliens>
+ <animal>value</animal>
+ <animal>value</animal>
+</aliens>
+
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ },
+ "xml": {
+ "name": "aliens",
+ "wrapped": true
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ name: aliens
+ wrapped: true
+
+<aliens>
+ <aliens>value</aliens>
+ <aliens>value</aliens>
+</aliens>
+Security Scheme Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Applies To
+Description
+
+
+ type
+stringAny
+REQUIRED. The type of the security scheme. Valid values are
+"apiKey", "http", "oauth2", "openIdConnect".
+
+ description
+stringAny
+A short description for security scheme. CommonMark syntax MAY be used for rich text representation.
+
+
+ name
+stringapiKeyREQUIRED. The name of the header, query or cookie parameter to be used.
+
+
+ in
+stringapiKeyREQUIRED. The location of the API key. Valid values are
+"query", "header" or "cookie".
+
+ scheme
+stringhttpREQUIRED. The name of the HTTP Authorization scheme to be used in the Authorization header as defined in [[!RFC7235]].
+
+
+ bearerFormat
+stringhttp ("bearer")A hint to the client to identify how the bearer token is formatted. Bearer tokens are usually generated by an authorization server, so this information is primarily for documentation purposes.
+
+
+ flows
+OAuth Flows Object
+oauth2REQUIRED. An object containing configuration information for the flow types supported.
+
+
+
+ openIdConnectUrl
+stringopenIdConnectREQUIRED. OpenId Connect URL to discover OAuth2 configuration values. This MUST be in the form of a URL.
+Security Scheme Object Example
+Basic Authentication Sample
+
+{
+ "type": "http",
+ "scheme": "basic"
+}
+
+type: http
+scheme: basic
+API Key Sample
+
+{
+ "type": "apiKey",
+ "name": "api_key",
+ "in": "header"
+}
+
+type: apiKey
+name: api_key
+in: header
+JWT Bearer Sample
+
+{
+ "type": "http",
+ "scheme": "bearer",
+ "bearerFormat": "JWT",
+}
+
+type: http
+scheme: bearer
+bearerFormat: JWT
+Implicit OAuth2 Sample
+
+{
+ "type": "oauth2",
+ "flows": {
+ "implicit": {
+ "authorizationUrl": "https://example.com/api/oauth/dialog",
+ "scopes": {
+ "write:pets": "modify pets in your account",
+ "read:pets": "read your pets"
+ }
+ }
+ }
+}
+
+type: oauth2
+flows:
+ implicit:
+ authorizationUrl: https://example.com/api/oauth/dialog
+ scopes:
+ write:pets: modify pets in your account
+ read:pets: read your pets
+OAuth Flows Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ implicit
+OAuth Flow Object
+Configuration for the OAuth Implicit flow
+
+
+ password
+OAuth Flow Object
+Configuration for the OAuth Resource Owner Password flow
+
+
+ clientCredentials
+OAuth Flow Object
+Configuration for the OAuth Client Credentials flow. Previously called
+application in OpenAPI 2.0.
+
+
+ authorizationCode
+OAuth Flow Object
+Configuration for the OAuth Authorization Code flow. Previously called
+accessCode in OpenAPI 2.0.OAuth Flow Object
+Fixed Fields
+OAuth Flow Object Examples
+
+{
+ "type": "oauth2",
+ "flows": {
+ "implicit": {
+ "authorizationUrl": "https://example.com/api/oauth/dialog",
+ "scopes": {
+ "write:pets": "modify pets in your account",
+ "read:pets": "read your pets"
+ }
+ },
+ "authorizationCode": {
+ "authorizationUrl": "https://example.com/api/oauth/dialog",
+ "tokenUrl": "https://example.com/api/oauth/token",
+ "scopes": {
+ "write:pets": "modify pets in your account",
+ "read:pets": "read your pets"
+ }
+ }
+ }
+}
+
+type: oauth2
+flows:
+ implicit:
+ authorizationUrl: https://example.com/api/oauth/dialog
+ scopes:
+ write:pets: modify pets in your account
+ read:pets: read your pets
+ authorizationCode:
+ authorizationUrl: https://example.com/api/oauth/dialog
+ tokenUrl: https://example.com/api/oauth/token
+ scopes:
+ write:pets: modify pets in your account
+ read:pets: read your pets
+Security Requirement Object
+Patterned Fields
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ {name}
+[
+string]Each name MUST correspond to a security scheme which is declared in the Security Schemes under the Components Object. If the security scheme is of type
+"oauth2" or "openIdConnect", then the value is a list of scope names required for the execution. For other security scheme types, the array MUST be empty.Security Requirement Object Examples
+Non-OAuth2 Security Requirement
+
+{
+ "api_key": []
+}
+
+api_key: []
+OAuth2 Security Requirement
+
+{
+ "petstore_auth": [
+ "write:pets",
+ "read:pets"
+ ]
+}
+
+petstore_auth:
+- write:pets
+- read:pets
+Specification Extensions
+"x-".Security Filtering
+
+
+Appendix A: Revision History
+
+
+
+
diff --git a/docs/oas/v3.0.3.html b/docs/oas/v3.0.3.html
new file mode 100644
index 0000000000..27549a8920
--- /dev/null
+++ b/docs/oas/v3.0.3.html
@@ -0,0 +1,4096 @@
+
+
+
+
+Version
+Date
+Notes
+
+
+3.0.2
+2018-10-08
+Patch release of the OpenAPI Specification 3.0.2
+
+
+3.0.1
+2017-12-06
+Patch release of the OpenAPI Specification 3.0.1
+
+
+3.0.0
+2017-07-26
+Release of the OpenAPI Specification 3.0.0
+
+
+3.0.0-rc2
+2017-06-16
+rc2 of the 3.0 specification
+
+
+3.0.0-rc1
+2017-04-27
+rc1 of the 3.0 specification
+
+
+3.0.0-rc0
+2017-02-28
+Implementer’s Draft of the 3.0 specification
+
+
+2.0
+2015-12-31
+Donation of Swagger 2.0 to the Open API Initiative
+
+
+2.0
+2014-09-08
+Release of Swagger 2.0
+
+
+1.2
+2014-03-14
+Initial release of the formal document.
+
+
+1.1
+2012-08-22
+Release of Swagger 1.1
+
+
+
+1.0
+2011-08-10
+First release of the Swagger Specification
+OpenAPI Specification v3.0.3
Status of This Document
The source-of-truth for the specification is the GitHub markdown file referenced above.OpenAPI Specification
+Version 3.0.3
+Introduction
+Definitions
+OpenAPI Document
+Path Templating
+Media Types
+
+
+ text/plain; charset=utf-8
+ application/json
+ application/vnd.github+json
+ application/vnd.github.v3+json
+ application/vnd.github.v3.raw+json
+ application/vnd.github.v3.text+json
+ application/vnd.github.v3.html+json
+ application/vnd.github.v3.full+json
+ application/vnd.github.v3.diff
+ application/vnd.github.v3.patch
+HTTP Status Codes
+Specification
+Versions
+major.minor portion of the semver (for example 3.0) SHALL designate the OAS feature set. Typically, .patch versions address errors in this document, not the feature set. Tooling which supports OAS 3.0 SHOULD be compatible with all OAS 3.0.* versions. The patch version SHOULD NOT be considered by tooling, making no distinction between 3.0.0 and 3.0.1 for example.openapi property to the new minor version.openapi property to 3.1.0, SHALL be a valid OpenAPI 3.1.0 document, semantically equivalent to the original OpenAPI 3.0.2 document. New minor versions of the OpenAPI Specification MUST be written to ensure this form of backward compatibility.openapi field which designates the semantic version of the OAS that it uses. (OAS 2.0 documents contain a top-level version field named swagger and value "2.0".)Format
+
+{
+ "field": [ 1, 2, 3 ]
+}
+
+
+Document Structure
+$ref fields MUST be used in the specification to reference those parts as follows from the JSON Schema definitions.openapi.json or openapi.yaml.Data Types
+integer as a type is also supported and is defined as a JSON number without a fraction or exponent part.
+null is not supported as a type (see nullable for an alternative solution).
+Models are defined using the Schema Object, which is an extended subset of JSON Schema Specification Wright Draft 00.format.
+OAS uses several known formats to define in fine detail the data type being used.
+However, to support documentation needs, the format property is an open string-valued property, and can have any value.
+Formats such as "email", "uuid", and so on, MAY be used even though undefined by this specification.
+Types that are not accompanied by a format property follow the type definition in the JSON Schema. Tools that do not recognize a specific format MAY default back to the type alone, as if the format is not specified.
+
+
+
+
+
+
+typeformatComments
+
+
+integerint32signed 32 bits
+
+
+integerint64signed 64 bits (a.k.a long)
+
+
+numberfloat
+
+
+numberdouble
+
+
+string
+
+
+
+stringbytebase64 encoded characters
+
+
+stringbinaryany sequence of octets
+
+
+boolean
+
+
+
+stringdateAs defined by
+full-date - [!RFC3339]
+
+stringdate-timeAs defined by
+date-time - [!RFC3339]
+
+
+stringpasswordA hint to UIs to obscure input.
+Rich Text Formatting
+description fields are noted as supporting CommonMark markdown formatting.
+Where OpenAPI tooling renders rich text it MUST support, at a minimum, markdown syntax as described by CommonMark 0.27. Tooling MAY choose to ignore some CommonMark features to address security concerns.Relative References in URLs
+Server Object as a Base URI.$ref are processed as per JSON Reference, using the URL of the current document as the base URI. See also the Reference Object.Schema
+OpenAPI Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ openapi
+stringREQUIRED. This string MUST be the semantic version number of the OpenAPI Specification version that the OpenAPI document uses. The
+openapi field SHOULD be used by tooling specifications and clients to interpret the OpenAPI document. This is not related to the API info.version string.
+
+ info
+Info Object
+REQUIRED. Provides metadata about the API. The metadata MAY be used by tooling as required.
+
+
+ servers
+[Server Object]
+An array of Server Objects, which provide connectivity information to a target server. If the
+servers property is not provided, or is an empty array, the default value would be a Server Object with a url value of /.
+
+ paths
+Paths Object
+REQUIRED. The available paths and operations for the API.
+
+
+ components
+Components Object
+An element to hold various schemas for the specification.
+
+
+ security
+[Security Requirement Object]
+A declaration of which security mechanisms can be used across the API. The list of values includes alternative security requirement objects that can be used. Only one of the security requirement objects need to be satisfied to authorize a request. Individual operations can override this definition. To make security optional, an empty security requirement (
+{}) can be included in the array.
+
+ tags
+[Tag Object]
+A list of tags used by the specification with additional metadata. The order of the tags can be used to reflect on their order by the parsing tools. Not all tags that are used by the Operation Object must be declared. The tags that are not declared MAY be organized randomly or based on the tools’ logic. Each tag name in the list MUST be unique.
+
+
+
+ externalDocs
+External Documentation Object
+Additional external documentation.
+Info Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ title
+stringREQUIRED. The title of the API.
+
+
+ description
+stringA short description of the API. CommonMark syntax MAY be used for rich text representation.
+
+
+ termsOfService
+stringA URL to the Terms of Service for the API. MUST be in the format of a URL.
+
+
+ contact
+Contact Object
+The contact information for the exposed API.
+
+
+ license
+License Object
+The license information for the exposed API.
+
+
+
+ version
+stringREQUIRED. The version of the OpenAPI document (which is distinct from the OpenAPI Specification version or the API implementation version).
+Info Object Example
+
+{
+ "title": "Sample Pet Store App",
+ "description": "This is a sample server for a pet store.",
+ "termsOfService": "http://example.com/terms/",
+ "contact": {
+ "name": "API Support",
+ "url": "http://www.example.com/support",
+ "email": "support@example.com"
+ },
+ "license": {
+ "name": "Apache 2.0",
+ "url": "https://www.apache.org/licenses/LICENSE-2.0.html"
+ },
+ "version": "1.0.1"
+}
+
+title: Sample Pet Store App
+description: This is a sample server for a pet store.
+termsOfService: http://example.com/terms/
+contact:
+ name: API Support
+ url: http://www.example.com/support
+ email: support@example.com
+license:
+ name: Apache 2.0
+ url: https://www.apache.org/licenses/LICENSE-2.0.html
+version: 1.0.1
+Contact Object
+Fixed Fields
+Contact Object Example
+
+{
+ "name": "API Support",
+ "url": "http://www.example.com/support",
+ "email": "support@example.com"
+}
+
+name: API Support
+url: http://www.example.com/support
+email: support@example.com
+License Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ name
+stringREQUIRED. The license name used for the API.
+
+
+
+ url
+stringA URL to the license used for the API. MUST be in the format of a URL.
+License Object Example
+
+{
+ "name": "Apache 2.0",
+ "url": "https://www.apache.org/licenses/LICENSE-2.0.html"
+}
+
+name: Apache 2.0
+url: https://www.apache.org/licenses/LICENSE-2.0.html
+Server Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ url
+stringREQUIRED. A URL to the target host. This URL supports Server Variables and MAY be relative, to indicate that the host location is relative to the location where the OpenAPI document is being served. Variable substitutions will be made when a variable is named in
+{brackets}.
+
+ description
+stringAn optional string describing the host designated by the URL. CommonMark syntax MAY be used for rich text representation.
+
+
+
+ variables
+Map[
+string, Server Variable Object]A map between a variable name and its value. The value is used for substitution in the server’s URL template.
+Server Object Example
+
+{
+ "url": "https://development.gigantic-server.com/v1",
+ "description": "Development server"
+}
+
+url: https://development.gigantic-server.com/v1
+description: Development server
+servers:
+{
+ "servers": [
+ {
+ "url": "https://development.gigantic-server.com/v1",
+ "description": "Development server"
+ },
+ {
+ "url": "https://staging.gigantic-server.com/v1",
+ "description": "Staging server"
+ },
+ {
+ "url": "https://api.gigantic-server.com/v1",
+ "description": "Production server"
+ }
+ ]
+}
+
+servers:
+- url: https://development.gigantic-server.com/v1
+ description: Development server
+- url: https://staging.gigantic-server.com/v1
+ description: Staging server
+- url: https://api.gigantic-server.com/v1
+ description: Production server
+
+{
+ "servers": [
+ {
+ "url": "https://{username}.gigantic-server.com:{port}/{basePath}",
+ "description": "The production API server",
+ "variables": {
+ "username": {
+ "default": "demo",
+ "description": "this value is assigned by the service provider, in this example `gigantic-server.com`"
+ },
+ "port": {
+ "enum": [
+ "8443",
+ "443"
+ ],
+ "default": "8443"
+ },
+ "basePath": {
+ "default": "v2"
+ }
+ }
+ }
+ ]
+}
+
+servers:
+- url: https://{username}.gigantic-server.com:{port}/{basePath}
+ description: The production API server
+ variables:
+ username:
+ # note! no enum here means it is an open value
+ default: demo
+ description: this value is assigned by the service provider, in this example `gigantic-server.com`
+ port:
+ enum:
+ - '8443'
+ - '443'
+ default: '8443'
+ basePath:
+ # open meaning there is the opportunity to use special base paths as assigned by the provider, default is `v2`
+ default: v2
+Server Variable Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ enum
+[
+string]An enumeration of string values to be used if the substitution options are from a limited set. The array SHOULD NOT be empty.
+
+
+ default
+stringREQUIRED. The default value to use for substitution, which SHALL be sent if an alternate value is not supplied. Note this behavior is different than the Schema Object’s treatment of default values, because in those cases parameter values are optional. If the
+enum is defined, the value SHOULD exist in the enum’s values.
+
+
+ description
+stringAn optional description for the server variable. CommonMark syntax MAY be used for rich text representation.
+Components Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ schemas
+Map[
+string, Schema Object | Reference Object]An object to hold reusable Schema Objects.
+
+
+ responses
+Map[
+string, Response Object | Reference Object]An object to hold reusable Response Objects.
+
+
+ parameters
+Map[
+string, Parameter Object | Reference Object]An object to hold reusable Parameter Objects.
+
+
+ examples
+Map[
+string, Example Object | Reference Object]An object to hold reusable Example Objects.
+
+
+ requestBodies
+Map[
+string, Request Body Object | Reference Object]An object to hold reusable Request Body Objects.
+
+
+ headers
+Map[
+string, Header Object | Reference Object]An object to hold reusable Header Objects.
+
+
+ securitySchemes
+Map[
+string, Security Scheme Object | Reference Object]An object to hold reusable Security Scheme Objects.
+
+
+ links
+Map[
+string, Link Object | Reference Object]An object to hold reusable Link Objects.
+
+
+
+ callbacks
+Map[
+string, Callback Object | Reference Object]An object to hold reusable Callback Objects.
+^[a-zA-Z0-9\.\-_]+$.
+
+User
+User_1
+User_Name
+user-name
+my.org.User
+Components Object Example
+
+"components": {
+ "schemas": {
+ "GeneralError": {
+ "type": "object",
+ "properties": {
+ "code": {
+ "type": "integer",
+ "format": "int32"
+ },
+ "message": {
+ "type": "string"
+ }
+ }
+ },
+ "Category": {
+ "type": "object",
+ "properties": {
+ "id": {
+ "type": "integer",
+ "format": "int64"
+ },
+ "name": {
+ "type": "string"
+ }
+ }
+ },
+ "Tag": {
+ "type": "object",
+ "properties": {
+ "id": {
+ "type": "integer",
+ "format": "int64"
+ },
+ "name": {
+ "type": "string"
+ }
+ }
+ }
+ },
+ "parameters": {
+ "skipParam": {
+ "name": "skip",
+ "in": "query",
+ "description": "number of items to skip",
+ "required": true,
+ "schema": {
+ "type": "integer",
+ "format": "int32"
+ }
+ },
+ "limitParam": {
+ "name": "limit",
+ "in": "query",
+ "description": "max records to return",
+ "required": true,
+ "schema" : {
+ "type": "integer",
+ "format": "int32"
+ }
+ }
+ },
+ "responses": {
+ "NotFound": {
+ "description": "Entity not found."
+ },
+ "IllegalInput": {
+ "description": "Illegal input for operation."
+ },
+ "GeneralError": {
+ "description": "General Error",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GeneralError"
+ }
+ }
+ }
+ }
+ },
+ "securitySchemes": {
+ "api_key": {
+ "type": "apiKey",
+ "name": "api_key",
+ "in": "header"
+ },
+ "petstore_auth": {
+ "type": "oauth2",
+ "flows": {
+ "implicit": {
+ "authorizationUrl": "http://example.org/api/oauth/dialog",
+ "scopes": {
+ "write:pets": "modify pets in your account",
+ "read:pets": "read your pets"
+ }
+ }
+ }
+ }
+ }
+}
+
+components:
+ schemas:
+ GeneralError:
+ type: object
+ properties:
+ code:
+ type: integer
+ format: int32
+ message:
+ type: string
+ Category:
+ type: object
+ properties:
+ id:
+ type: integer
+ format: int64
+ name:
+ type: string
+ Tag:
+ type: object
+ properties:
+ id:
+ type: integer
+ format: int64
+ name:
+ type: string
+ parameters:
+ skipParam:
+ name: skip
+ in: query
+ description: number of items to skip
+ required: true
+ schema:
+ type: integer
+ format: int32
+ limitParam:
+ name: limit
+ in: query
+ description: max records to return
+ required: true
+ schema:
+ type: integer
+ format: int32
+ responses:
+ NotFound:
+ description: Entity not found.
+ IllegalInput:
+ description: Illegal input for operation.
+ GeneralError:
+ description: General Error
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GeneralError'
+ securitySchemes:
+ api_key:
+ type: apiKey
+ name: api_key
+ in: header
+ petstore_auth:
+ type: oauth2
+ flows:
+ implicit:
+ authorizationUrl: http://example.org/api/oauth/dialog
+ scopes:
+ write:pets: modify pets in your account
+ read:pets: read your pets
+Paths Object
+Server Object in order to construct the full URL. The Paths MAY be empty, due to ACL constraints.Patterned Fields
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ /{path}
+Path Item Object
+A relative path to an individual endpoint. The field name MUST begin with a forward slash (
+/). The path is appended (no relative URL resolution) to the expanded URL from the Server Object’s url field in order to construct the full URL. Path templating is allowed. When matching URLs, concrete (non-templated) paths would be matched before their templated counterparts. Templated paths with the same hierarchy but different templated names MUST NOT exist as they are identical. In case of ambiguous matching, it’s up to the tooling to decide which one to use.Path Templating Matching
+/pets/mine, will be matched first if used:
+
+ /pets/{petId}
+ /pets/mine
+
+
+ /pets/{petId}
+ /pets/{name}
+
+
+ /{entity}/me
+ /books/{id}
+Paths Object Example
+
+{
+ "/pets": {
+ "get": {
+ "description": "Returns all pets from the system that the user has access to",
+ "responses": {
+ "200": {
+ "description": "A list of pets.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/pet"
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+}
+
+/pets:
+ get:
+ description: Returns all pets from the system that the user has access to
+ responses:
+ '200':
+ description: A list of pets.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/pet'
+Path Item Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ $ref
+stringAllows for an external definition of this path item. The referenced structure MUST be in the format of a Path Item Object. In case a Path Item Object field appears both in the defined object and the referenced object, the behavior is undefined.
+
+
+ summary
+stringAn optional, string summary, intended to apply to all operations in this path.
+
+
+ description
+stringAn optional, string description, intended to apply to all operations in this path. CommonMark syntax MAY be used for rich text representation.
+
+
+ get
+Operation Object
+A definition of a GET operation on this path.
+
+
+ put
+Operation Object
+A definition of a PUT operation on this path.
+
+
+ post
+Operation Object
+A definition of a POST operation on this path.
+
+
+ delete
+Operation Object
+A definition of a DELETE operation on this path.
+
+
+ options
+Operation Object
+A definition of a OPTIONS operation on this path.
+
+
+ head
+Operation Object
+A definition of a HEAD operation on this path.
+
+
+ patch
+Operation Object
+A definition of a PATCH operation on this path.
+
+
+ trace
+Operation Object
+A definition of a TRACE operation on this path.
+
+
+ servers
+[Server Object]
+An alternative
+server array to service all operations in this path.
+
+
+ parameters
+[Parameter Object | Reference Object]
+A list of parameters that are applicable for all the operations described under this path. These parameters can be overridden at the operation level, but cannot be removed there. The list MUST NOT include duplicated parameters. A unique parameter is defined by a combination of a name and location. The list can use the Reference Object to link to parameters that are defined at the OpenAPI Object’s components/parameters.
+Path Item Object Example
+
+{
+ "get": {
+ "description": "Returns pets based on ID",
+ "summary": "Find pets by ID",
+ "operationId": "getPetsById",
+ "responses": {
+ "200": {
+ "description": "pet response",
+ "content": {
+ "*/*": {
+ "schema": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/Pet"
+ }
+ }
+ }
+ }
+ },
+ "default": {
+ "description": "error payload",
+ "content": {
+ "text/html": {
+ "schema": {
+ "$ref": "#/components/schemas/ErrorModel"
+ }
+ }
+ }
+ }
+ }
+ },
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of pet to use",
+ "required": true,
+ "schema": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "style": "simple"
+ }
+ ]
+}
+
+get:
+ description: Returns pets based on ID
+ summary: Find pets by ID
+ operationId: getPetsById
+ responses:
+ '200':
+ description: pet response
+ content:
+ '*/*' :
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/Pet'
+ default:
+ description: error payload
+ content:
+ 'text/html':
+ schema:
+ $ref: '#/components/schemas/ErrorModel'
+parameters:
+- name: id
+ in: path
+ description: ID of pet to use
+ required: true
+ schema:
+ type: array
+ items:
+ type: string
+ style: simple
+Operation Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ tags
+[
+string]A list of tags for API documentation control. Tags can be used for logical grouping of operations by resources or any other qualifier.
+
+
+ summary
+stringA short summary of what the operation does.
+
+
+ description
+stringA verbose explanation of the operation behavior. CommonMark syntax MAY be used for rich text representation.
+
+
+ externalDocs
+External Documentation Object
+Additional external documentation for this operation.
+
+
+ operationId
+stringUnique string used to identify the operation. The id MUST be unique among all operations described in the API. The operationId value is case-sensitive. Tools and libraries MAY use the operationId to uniquely identify an operation, therefore, it is RECOMMENDED to follow common programming naming conventions.
+
+
+ parameters
+[Parameter Object | Reference Object]
+A list of parameters that are applicable for this operation. If a parameter is already defined at the Path Item, the new definition will override it but can never remove it. The list MUST NOT include duplicated parameters. A unique parameter is defined by a combination of a name and location. The list can use the Reference Object to link to parameters that are defined at the OpenAPI Object’s components/parameters.
+
+
+ requestBody
+Request Body Object | Reference Object
+The request body applicable for this operation. The
+requestBody is only supported in HTTP methods where the HTTP 1.1 specification [[!RFC7231]] has explicitly defined semantics for request bodies. In other cases where the HTTP spec is vague, requestBody SHALL be ignored by consumers.
+
+ responses
+Responses Object
+REQUIRED. The list of possible responses as they are returned from executing this operation.
+
+
+ callbacks
+Map[
+string, Callback Object | Reference Object]A map of possible out-of band callbacks related to the parent operation. The key is a unique identifier for the Callback Object. Each value in the map is a Callback Object that describes a request that may be initiated by the API provider and the expected responses.
+
+
+ deprecated
+booleanDeclares this operation to be deprecated. Consumers SHOULD refrain from usage of the declared operation. Default value is
+false.
+
+ security
+[Security Requirement Object]
+A declaration of which security mechanisms can be used for this operation. The list of values includes alternative security requirement objects that can be used. Only one of the security requirement objects need to be satisfied to authorize a request. To make security optional, an empty security requirement (
+{}) can be included in the array. This definition overrides any declared top-level security. To remove a top-level security declaration, an empty array can be used.
+
+
+ servers
+[Server Object]
+An alternative
+server array to service this operation. If an alternative server object is specified at the Path Item Object or Root level, it will be overridden by this value.Operation Object Example
+
+{
+ "tags": [
+ "pet"
+ ],
+ "summary": "Updates a pet in the store with form data",
+ "operationId": "updatePetWithForm",
+ "parameters": [
+ {
+ "name": "petId",
+ "in": "path",
+ "description": "ID of pet that needs to be updated",
+ "required": true,
+ "schema": {
+ "type": "string"
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "type": "object",
+ "properties": {
+ "name": {
+ "description": "Updated name of the pet",
+ "type": "string"
+ },
+ "status": {
+ "description": "Updated status of the pet",
+ "type": "string"
+ }
+ },
+ "required": ["status"]
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Pet updated.",
+ "content": {
+ "application/json": {},
+ "application/xml": {}
+ }
+ },
+ "405": {
+ "description": "Method Not Allowed",
+ "content": {
+ "application/json": {},
+ "application/xml": {}
+ }
+ }
+ },
+ "security": [
+ {
+ "petstore_auth": [
+ "write:pets",
+ "read:pets"
+ ]
+ }
+ ]
+}
+
+tags:
+- pet
+summary: Updates a pet in the store with form data
+operationId: updatePetWithForm
+parameters:
+- name: petId
+ in: path
+ description: ID of pet that needs to be updated
+ required: true
+ schema:
+ type: string
+requestBody:
+ content:
+ 'application/x-www-form-urlencoded':
+ schema:
+ properties:
+ name:
+ description: Updated name of the pet
+ type: string
+ status:
+ description: Updated status of the pet
+ type: string
+ required:
+ - status
+responses:
+ '200':
+ description: Pet updated.
+ content:
+ 'application/json': {}
+ 'application/xml': {}
+ '405':
+ description: Method Not Allowed
+ content:
+ 'application/json': {}
+ 'application/xml': {}
+security:
+- petstore_auth:
+ - write:pets
+ - read:pets
+External Documentation Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ description
+stringA short description of the target documentation. CommonMark syntax MAY be used for rich text representation.
+
+
+
+ url
+stringREQUIRED. The URL for the target documentation. Value MUST be in the format of a URL.
+External Documentation Object Example
+
+{
+ "description": "Find more info here",
+ "url": "https://example.com"
+}
+
+description: Find more info here
+url: https://example.com
+Parameter Object
+Parameter Locations
+in field:
+
+/items/{itemId}, the path parameter is itemId./items?id=###, the query parameter is id.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ name
+stringREQUIRED. The name of the parameter. Parameter names are case sensitive.
+in is "path", the name field MUST correspond to a template expression occurring within the path field in the Paths Object. See Path Templating for further information.in is "header" and the name field is "Accept", "Content-Type" or "Authorization", the parameter definition SHALL be ignored.name corresponds to the parameter name used by the in property.
+
+ in
+stringREQUIRED. The location of the parameter. Possible values are
+"query", "header", "path" or "cookie".
+
+ description
+stringA brief description of the parameter. This could contain examples of use. CommonMark syntax MAY be used for rich text representation.
+
+
+ required
+booleanDetermines whether this parameter is mandatory. If the parameter location is
+"path", this property is REQUIRED and its value MUST be true. Otherwise, the property MAY be included and its default value is false.
+
+ deprecated
+booleanSpecifies that a parameter is deprecated and SHOULD be transitioned out of usage. Default value is
+false.
+
+
+ allowEmptyValue
+booleanSets the ability to pass empty-valued parameters. This is valid only for
+query parameters and allows sending a parameter with an empty value. Default value is false. If style is used, and if behavior is n/a (cannot be serialized), the value of allowEmptyValue SHALL be ignored. Use of this property is NOT RECOMMENDED, as it is likely to be removed in a later revision.schema and style can describe the structure and syntax of the parameter.
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ style
+stringDescribes how the parameter value will be serialized depending on the type of the parameter value. Default values (based on value of
+in): for query - form; for path - simple; for header - simple; for cookie - form.
+
+ explode
+booleanWhen this is true, parameter values of type
+array or object generate separate parameters for each value of the array or key-value pair of the map. For other types of parameters this property has no effect. When style is form, the default value is true. For all other styles, the default value is false.
+
+ allowReserved
+booleanDetermines whether the parameter value SHOULD allow reserved characters, as defined by [[!RFC3986]]
+:/?#[]@!$&'()*+,;= to be included without percent-encoding. This property only applies to parameters with an in value of query. The default value is false.
+
+ schema
+Schema Object | Reference Object
+The schema defining the type used for the parameter.
+
+
+ example
+Any
+Example of the parameter’s potential value. The example SHOULD match the specified schema and encoding properties if present. The
+example field is mutually exclusive of the examples field. Furthermore, if referencing a schema that contains an example, the example value SHALL override the example provided by the schema. To represent examples of media types that cannot naturally be represented in JSON or YAML, a string value can contain the example with escaping where necessary.
+
+
+ examples
+Map[
+string, Example Object | Reference Object]Examples of the parameter’s potential value. Each example SHOULD contain a value in the correct format as specified in the parameter encoding. The
+examples field is mutually exclusive of the example field. Furthermore, if referencing a schema that contains an example, the examples value SHALL override the example provided by the schema.content property can define the media type and schema of the parameter.
+A parameter MUST contain either a schema property, or a content property, but not both.
+When example or examples are provided in conjunction with the schema object, the example MUST follow the prescribed serialization strategy for the parameter.
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+
+ content
+Map[
+string, Media Type Object]A map containing the representations for the parameter. The key is the media type and the value describes it. The map MUST only contain one entry.
+Style Values
+style values are defined.
+
+
+
+
+
+
+styletypeinComments
+
+
+matrix
+primitive, array, objectpathPath-style parameters defined by [[!RFC6570]]
+
+
+label
+primitive, array, objectpathLabel style parameters defined by [[!RFC6570]]
+
+
+form
+primitive, array, objectquery, cookieForm style parameters defined by [[!RFC6570]]. This option replaces
+collectionFormat with a csv (when explode is false) or multi (when explode is true) value from OpenAPI 2.0.
+
+simple
+arraypath, headerSimple style parameters defined by [[!RFC6570]]. This option replaces
+collectionFormat with a csv value from OpenAPI 2.0.
+
+spaceDelimited
+arrayquerySpace separated array values. This option replaces
+collectionFormat equal to ssv from OpenAPI 2.0.
+
+pipeDelimited
+arrayqueryPipe separated array values. This option replaces
+collectionFormat equal to pipes from OpenAPI 2.0.
+
+
+deepObject
+objectqueryProvides a simple way of rendering nested objects using form parameters.
+Style Examples
+color has one of the following values:
+
+ string -> "blue"
+ array -> ["blue","black","brown"]
+ object -> { "R": 100, "G": 200, "B": 150 }
+
+
+
+
+
+
+
+styleexplodeemptystringarrayobject
+
+matrix
+false
+;color
+;color=blue
+;color=blue,black,brown
+;color=R,100,G,200,B,150
+
+
+matrix
+true
+;color
+;color=blue
+;color=blue;color=black;color=brown
+;R=100;G=200;B=150
+
+
+label
+false
+.
+.blue
+.blue.black.brown
+.R.100.G.200.B.150
+
+
+label
+true
+.
+.blue
+.blue.black.brown
+.R=100.G=200.B=150
+
+
+form
+false
+color=
+color=blue
+color=blue,black,brown
+color=R,100,G,200,B,150
+
+
+form
+true
+color=
+color=blue
+color=blue&color=black&color=brown
+R=100&G=200&B=150
+
+
+simple
+false
+n/a
+blue
+blue,black,brown
+R,100,G,200,B,150
+
+
+simple
+true
+n/a
+blue
+blue,black,brown
+R=100,G=200,B=150
+
+
+spaceDelimited
+false
+n/a
+n/a
+blue%20black%20brown
+R%20100%20G%20200%20B%20150
+
+
+pipeDelimited
+false
+n/a
+n/a
+blue|black|brown
+R|100|G|200|B|150
+
+
+
+deepObject
+true
+n/a
+n/a
+n/a
+color[R]=100&color[G]=200&color[B]=150
+Parameter Object Examples
+
+{
+ "name": "token",
+ "in": "header",
+ "description": "token to be passed as a header",
+ "required": true,
+ "schema": {
+ "type": "array",
+ "items": {
+ "type": "integer",
+ "format": "int64"
+ }
+ },
+ "style": "simple"
+}
+
+name: token
+in: header
+description: token to be passed as a header
+required: true
+schema:
+ type: array
+ items:
+ type: integer
+ format: int64
+style: simple
+
+{
+ "name": "username",
+ "in": "path",
+ "description": "username to fetch",
+ "required": true,
+ "schema": {
+ "type": "string"
+ }
+}
+
+name: username
+in: path
+description: username to fetch
+required: true
+schema:
+ type: string
+
+{
+ "name": "id",
+ "in": "query",
+ "description": "ID of the object to fetch",
+ "required": false,
+ "schema": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "style": "form",
+ "explode": true
+}
+
+name: id
+in: query
+description: ID of the object to fetch
+required: false
+schema:
+ type: array
+ items:
+ type: string
+style: form
+explode: true
+
+{
+ "in": "query",
+ "name": "freeForm",
+ "schema": {
+ "type": "object",
+ "additionalProperties": {
+ "type": "integer"
+ },
+ },
+ "style": "form"
+}
+
+in: query
+name: freeForm
+schema:
+ type: object
+ additionalProperties:
+ type: integer
+style: form
+content to define serialization:
+{
+ "in": "query",
+ "name": "coordinates",
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "object",
+ "required": [
+ "lat",
+ "long"
+ ],
+ "properties": {
+ "lat": {
+ "type": "number"
+ },
+ "long": {
+ "type": "number"
+ }
+ }
+ }
+ }
+ }
+}
+
+in: query
+name: coordinates
+content:
+ application/json:
+ schema:
+ type: object
+ required:
+ - lat
+ - long
+ properties:
+ lat:
+ type: number
+ long:
+ type: number
+Request Body Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ description
+stringA brief description of the request body. This could contain examples of use. CommonMark syntax MAY be used for rich text representation.
+
+
+ content
+Map[
+string, Media Type Object]REQUIRED. The content of the request body. The key is a media type or media type range and the value describes it. For requests that match multiple keys, only the most specific key is applicable. e.g. text/plain overrides text/*
+
+
+
+ required
+booleanDetermines if the request body is required in the request. Defaults to
+false.Request Body Examples
+
+{
+ "description": "user to add to the system",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/User"
+ },
+ "examples": {
+ "user" : {
+ "summary": "User Example",
+ "externalValue": "http://foo.bar/examples/user-example.json"
+ }
+ }
+ },
+ "application/xml": {
+ "schema": {
+ "$ref": "#/components/schemas/User"
+ },
+ "examples": {
+ "user" : {
+ "summary": "User example in XML",
+ "externalValue": "http://foo.bar/examples/user-example.xml"
+ }
+ }
+ },
+ "text/plain": {
+ "examples": {
+ "user" : {
+ "summary": "User example in Plain text",
+ "externalValue": "http://foo.bar/examples/user-example.txt"
+ }
+ }
+ },
+ "*/*": {
+ "examples": {
+ "user" : {
+ "summary": "User example in other format",
+ "externalValue": "http://foo.bar/examples/user-example.whatever"
+ }
+ }
+ }
+ }
+}
+
+description: user to add to the system
+content:
+ 'application/json':
+ schema:
+ $ref: '#/components/schemas/User'
+ examples:
+ user:
+ summary: User Example
+ externalValue: 'http://foo.bar/examples/user-example.json'
+ 'application/xml':
+ schema:
+ $ref: '#/components/schemas/User'
+ examples:
+ user:
+ summary: User Example in XML
+ externalValue: 'http://foo.bar/examples/user-example.xml'
+ 'text/plain':
+ examples:
+ user:
+ summary: User example in text plain format
+ externalValue: 'http://foo.bar/examples/user-example.txt'
+ '*/*':
+ examples:
+ user:
+ summary: User example in other format
+ externalValue: 'http://foo.bar/examples/user-example.whatever'
+
+{
+ "description": "user to add to the system",
+ "content": {
+ "text/plain": {
+ "schema": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ }
+ }
+ }
+}
+
+description: user to add to the system
+required: true
+content:
+ text/plain:
+ schema:
+ type: array
+ items:
+ type: string
+Media Type Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ schema
+Schema Object | Reference Object
+The schema defining the content of the request, response, or parameter.
+
+
+ example
+Any
+Example of the media type. The example object SHOULD be in the correct format as specified by the media type. The
+example field is mutually exclusive of the examples field. Furthermore, if referencing a schema which contains an example, the example value SHALL override the example provided by the schema.
+
+ examples
+Map[
+string, Example Object | Reference Object]Examples of the media type. Each example object SHOULD match the media type and specified schema if present. The
+examples field is mutually exclusive of the example field. Furthermore, if referencing a schema which contains an example, the examples value SHALL override the example provided by the schema.
+
+
+ encoding
+Map[
+string, Encoding Object]A map between a property name and its encoding information. The key, being the property name, MUST exist in the schema as a property. The encoding object SHALL only apply to
+requestBody objects when the media type is multipart or application/x-www-form-urlencoded.Media Type Examples
+
+{
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/Pet"
+ },
+ "examples": {
+ "cat" : {
+ "summary": "An example of a cat",
+ "value":
+ {
+ "name": "Fluffy",
+ "petType": "Cat",
+ "color": "White",
+ "gender": "male",
+ "breed": "Persian"
+ }
+ },
+ "dog": {
+ "summary": "An example of a dog with a cat's name",
+ "value" : {
+ "name": "Puma",
+ "petType": "Dog",
+ "color": "Black",
+ "gender": "Female",
+ "breed": "Mixed"
+ },
+ "frog": {
+ "$ref": "#/components/examples/frog-example"
+ }
+ }
+ }
+ }
+}
+
+application/json:
+ schema:
+ $ref: "#/components/schemas/Pet"
+ examples:
+ cat:
+ summary: An example of a cat
+ value:
+ name: Fluffy
+ petType: Cat
+ color: White
+ gender: male
+ breed: Persian
+ dog:
+ summary: An example of a dog with a cat's name
+ value:
+ name: Puma
+ petType: Dog
+ color: Black
+ gender: Female
+ breed: Mixed
+ frog:
+ $ref: "#/components/examples/frog-example"
+Considerations for File Uploads
+file input/output content in OpenAPI is described with the same semantics as any other schema type. Specifically:
+# content transferred with base64 encoding
+schema:
+ type: string
+ format: base64
+
+# content transferred in binary (octet-stream):
+schema:
+ type: string
+ format: binary
+requestBody for submitting a file in a POST operation may look like the following example:
+requestBody:
+ content:
+ application/octet-stream:
+ schema:
+ # a binary file of any type
+ type: string
+ format: binary
+
+# multiple, specific media types may be specified:
+requestBody:
+ content:
+ # a binary file of type png or jpeg
+ 'image/jpeg':
+ schema:
+ type: string
+ format: binary
+ 'image/png':
+ schema:
+ type: string
+ format: binary
+multipart media type MUST be used:
+requestBody:
+ content:
+ multipart/form-data:
+ schema:
+ properties:
+ # The property name 'file' will be used for all files.
+ file:
+ type: array
+ items:
+ type: string
+ format: binary
+
+Support for x-www-form-urlencoded Request Bodies
+
+requestBody:
+ content:
+ application/x-www-form-urlencoded:
+ schema:
+ type: object
+ properties:
+ id:
+ type: string
+ format: uuid
+ address:
+ # complex types are stringified to support RFC 1866
+ type: object
+ properties: {}
+requestBody MUST be stringified per [[!RFC1866]] when passed to the server. In addition, the address field complex object will be stringified.application/x-www-form-urlencoded content type, the default serialization strategy of such properties is described in the Encoding Object’s style property as form.Special Considerations for
+multipart Contentmultipart/form-data as a Content-Type when transferring request bodies to operations. In contrast to 2.0, a schema is REQUIRED to define the input parameters to the operation when using multipart content. This supports complex structures as well as supporting mechanisms for multiple file uploads.multipart types, boundaries MAY be used to separate sections of the content being transferred — thus, the following default Content-Types are defined for multipart:
+
+text/plainapplication/jsontype: string with format: binary or format: base64 (aka a file object), the default Content-Type is application/octet-stream
+requestBody:
+ content:
+ multipart/form-data:
+ schema:
+ type: object
+ properties:
+ id:
+ type: string
+ format: uuid
+ address:
+ # default Content-Type for objects is `application/json`
+ type: object
+ properties: {}
+ profileImage:
+ # default Content-Type for string/binary is `application/octet-stream`
+ type: string
+ format: binary
+ children:
+ # default Content-Type for arrays is based on the `inner` type (text/plain here)
+ type: array
+ items:
+ type: string
+ addresses:
+ # default Content-Type for arrays is based on the `inner` type (object shown, so `application/json` in this example)
+ type: array
+ items:
+ type: '#/components/schemas/Address'
+encoding attribute is introduced to give you control over the serialization of parts of multipart request bodies. This attribute is only applicable to multipart and application/x-www-form-urlencoded request bodies.Encoding Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ contentType
+stringThe Content-Type for encoding a specific property. Default value depends on the property type: for
+string with format being binary – application/octet-stream; for other primitive types – text/plain; for object - application/json; for array – the default is defined based on the inner type. The value can be a specific media type (e.g. application/json), a wildcard media type (e.g. image/*), or a comma-separated list of the two types.
+
+ headers
+Map[
+string, Header Object | Reference Object]A map allowing additional information to be provided as headers, for example
+Content-Disposition. Content-Type is described separately and SHALL be ignored in this section. This property SHALL be ignored if the request body media type is not a multipart.
+
+ style
+stringDescribes how a specific property value will be serialized depending on its type. See Parameter Object for details on the
+style property. The behavior follows the same values as query parameters, including default values. This property SHALL be ignored if the request body media type is not application/x-www-form-urlencoded.
+
+ explode
+booleanWhen this is true, property values of type
+array or object generate separate parameters for each value of the array, or key-value-pair of the map. For other types of properties this property has no effect. When style is form, the default value is true. For all other styles, the default value is false. This property SHALL be ignored if the request body media type is not application/x-www-form-urlencoded.
+
+
+ allowReserved
+booleanDetermines whether the parameter value SHOULD allow reserved characters, as defined by [[!RFC3986]]
+:/?#[]@!$&'()*+,;= to be included without percent-encoding. The default value is false. This property SHALL be ignored if the request body media type is not application/x-www-form-urlencoded.Encoding Object Example
+
+requestBody:
+ content:
+ multipart/mixed:
+ schema:
+ type: object
+ properties:
+ id:
+ # default is text/plain
+ type: string
+ format: uuid
+ address:
+ # default is application/json
+ type: object
+ properties: {}
+ historyMetadata:
+ # need to declare XML format!
+ description: metadata in XML format
+ type: object
+ properties: {}
+ profileImage:
+ # default is application/octet-stream, need to declare an image type only!
+ type: string
+ format: binary
+ encoding:
+ historyMetadata:
+ # require XML Content-Type in utf-8 encoding
+ contentType: application/xml; charset=utf-8
+ profileImage:
+ # only accept png/jpeg
+ contentType: image/png, image/jpeg
+ headers:
+ X-Rate-Limit-Limit:
+ description: The number of allowed requests in the current period
+ schema:
+ type: integer
+Responses Object
+default MAY be used as a default response object for all HTTP codes
+that are not covered individually by the specification.Responses Object MUST contain at least one response code, and it
+SHOULD be the response for a successful operation call.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+
+ default
+Response Object | Reference Object
+The documentation of responses other than the ones declared for specific HTTP response codes. Use this field to cover undeclared responses. A Reference Object can link to a response that the OpenAPI Object’s components/responses section defines.
+Patterned Fields
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ HTTP Status Code
+Response Object | Reference Object
+Any HTTP status code can be used as the property name, but only one property per code, to describe the expected response for that HTTP status code. A Reference Object can link to a response that is defined in the OpenAPI Object’s components/responses section. This field MUST be enclosed in quotation marks (for example, “200”) for compatibility between JSON and YAML. To define a range of response codes, this field MAY contain the uppercase wildcard character
+X. For example, 2XX represents all response codes between [200-299]. Only the following range definitions are allowed: 1XX, 2XX, 3XX, 4XX, and 5XX. If a response is defined using an explicit code, the explicit code definition takes precedence over the range definition for that code.Responses Object Example
+
+{
+ "200": {
+ "description": "a pet to be returned",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/Pet"
+ }
+ }
+ }
+ },
+ "default": {
+ "description": "Unexpected error",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ErrorModel"
+ }
+ }
+ }
+ }
+}
+
+'200':
+ description: a pet to be returned
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Pet'
+default:
+ description: Unexpected error
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ErrorModel'
+Response Object
+links to operations based on the response.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ description
+stringREQUIRED. A short description of the response. CommonMark syntax MAY be used for rich text representation.
+
+
+ headers
+Map[
+string, Header Object | Reference Object]Maps a header name to its definition. [[!RFC7230]] states header names are case insensitive. If a response header is defined with the name
+"Content-Type", it SHALL be ignored.
+
+ content
+Map[
+string, Media Type Object]A map containing descriptions of potential response payloads. The key is a media type or media type range and the value describes it. For responses that match multiple keys, only the most specific key is applicable. e.g. text/plain overrides text/*
+
+
+
+ links
+Map[
+string, Link Object | Reference Object]A map of operations links that can be followed from the response. The key of the map is a short name for the link, following the naming constraints of the names for Component Objects.
+Response Object Examples
+
+{
+ "description": "A complex object array response",
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/VeryComplexType"
+ }
+ }
+ }
+ }
+}
+
+description: A complex object array response
+content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/VeryComplexType'
+
+{
+ "description": "A simple string response",
+ "content": {
+ "text/plain": {
+ "schema": {
+ "type": "string"
+ }
+ }
+ }
+
+}
+
+description: A simple string response
+content:
+ text/plain:
+ schema:
+ type: string
+
+{
+ "description": "A simple string response",
+ "content": {
+ "text/plain": {
+ "schema": {
+ "type": "string",
+ "example": "whoa!"
+ }
+ }
+ },
+ "headers": {
+ "X-Rate-Limit-Limit": {
+ "description": "The number of allowed requests in the current period",
+ "schema": {
+ "type": "integer"
+ }
+ },
+ "X-Rate-Limit-Remaining": {
+ "description": "The number of remaining requests in the current period",
+ "schema": {
+ "type": "integer"
+ }
+ },
+ "X-Rate-Limit-Reset": {
+ "description": "The number of seconds left in the current period",
+ "schema": {
+ "type": "integer"
+ }
+ }
+ }
+}
+
+description: A simple string response
+content:
+ text/plain:
+ schema:
+ type: string
+ example: 'whoa!'
+headers:
+ X-Rate-Limit-Limit:
+ description: The number of allowed requests in the current period
+ schema:
+ type: integer
+ X-Rate-Limit-Remaining:
+ description: The number of remaining requests in the current period
+ schema:
+ type: integer
+ X-Rate-Limit-Reset:
+ description: The number of seconds left in the current period
+ schema:
+ type: integer
+
+{
+ "description": "object created"
+}
+
+description: object created
+Callback Object
+Patterned Fields
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ {expression}
+Path Item Object
+A Path Item Object used to define a callback request and expected responses. A complete example is available.
+Key Expression
+$request.body#/url.
+However, using a runtime expression the complete HTTP message can be accessed.
+This includes accessing any part of a body that a JSON Pointer [[!RFC6901]] can reference.
+POST /subscribe/myevent?queryUrl=http://clientdomain.com/stillrunning HTTP/1.1
+Host: example.org
+Content-Type: application/json
+Content-Length: 187
+
+{
+ "failedUrl" : "http://clientdomain.com/failed",
+ "successUrls" : [
+ "http://clientdomain.com/fast",
+ "http://clientdomain.com/medium",
+ "http://clientdomain.com/slow"
+ ]
+}
+
+201 Created
+Location: http://example.org/subscription/1
+eventType and a query parameter named queryUrl.
+
+
+
+
+
+
+Expression
+Value
+
+
+$url
+http://example.org/subscribe/myevent?queryUrl=http://clientdomain.com/stillrunning
+
+
+$method
+POST
+
+
+$request.path.eventType
+myevent
+
+
+$request.query.queryUrl
+http://clientdomain.com/stillrunning
+
+
+$request.header.content-Type
+application/json
+
+
+$request.body#/failedUrl
+http://clientdomain.com/failed
+
+
+$request.body#/successUrls/2
+http://clientdomain.com/medium
+
+
+
+$response.header.Location
+http://example.org/subscription/1
+Callback Object Examples
+queryUrl query string parameter to define the callback URL. This is an example of how to use a callback object to describe a WebHook callback that goes with the subscription operation to enable registering for the WebHook.
+myCallback:
+ '{$request.query.queryUrl}':
+ post:
+ requestBody:
+ description: Callback payload
+ content:
+ 'application/json':
+ schema:
+ $ref: '#/components/schemas/SomePayload'
+ responses:
+ '200':
+ description: callback successfully processed
+id and email property in the request body.
+transactionCallback:
+ 'http://notificationServer.com?transactionId={$request.body#/id}&email={$request.body#/email}':
+ post:
+ requestBody:
+ description: Callback payload
+ content:
+ 'application/json':
+ schema:
+ $ref: '#/components/schemas/SomePayload'
+ responses:
+ '200':
+ description: callback successfully processed
+Example Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ summary
+stringShort description for the example.
+
+
+ description
+stringLong description for the example. CommonMark syntax MAY be used for rich text representation.
+
+
+ value
+Any
+Embedded literal example. The
+value field and externalValue field are mutually exclusive. To represent examples of media types that cannot naturally represented in JSON or YAML, use a string value to contain the example, escaping where necessary.
+
+
+ externalValue
+stringA URL that points to the literal example. This provides the capability to reference examples that cannot easily be included in JSON or YAML documents. The
+value field and externalValue field are mutually exclusive.Example Object Examples
+
+requestBody:
+ content:
+ 'application/json':
+ schema:
+ $ref: '#/components/schemas/Address'
+ examples:
+ foo:
+ summary: A foo example
+ value: {"foo": "bar"}
+ bar:
+ summary: A bar example
+ value: {"bar": "baz"}
+ 'application/xml':
+ examples:
+ xmlExample:
+ summary: This is an example in XML
+ externalValue: 'http://example.org/examples/address-example.xml'
+ 'text/plain':
+ examples:
+ textExample:
+ summary: This is a text example
+ externalValue: 'http://foo.bar/examples/address-example.txt'
+
+parameters:
+ - name: 'zipCode'
+ in: 'query'
+ schema:
+ type: 'string'
+ format: 'zip-code'
+ examples:
+ zip-example:
+ $ref: '#/components/examples/zip-example'
+
+responses:
+ '200':
+ description: your car appointment has been booked
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SuccessResponse'
+ examples:
+ confirmation-success:
+ $ref: '#/components/examples/confirmation-success'
+Link Object
+Link object represents a possible design-time link for a response.
+The presence of a link does not guarantee the caller’s ability to successfully invoke it, rather it provides a known relationship and traversal mechanism between responses and other operations.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ operationRef
+stringA relative or absolute URI reference to an OAS operation. This field is mutually exclusive of the
+operationId field, and MUST point to an Operation Object. Relative operationRef values MAY be used to locate an existing Operation Object in the OpenAPI definition.
+
+ operationId
+stringThe name of an existing, resolvable OAS operation, as defined with a unique
+operationId. This field is mutually exclusive of the operationRef field.
+
+ parameters
+Map[
+string, Any | {expression}]A map representing parameters to pass to an operation as specified with
+operationId or identified via operationRef. The key is the parameter name to be used, whereas the value can be a constant or an expression to be evaluated and passed to the linked operation. The parameter name can be qualified using the parameter location [{in}.]{name} for operations that use the same parameter name in different locations (e.g. path.id).
+
+ requestBody
+Any | {expression}
+A literal value or {expression} to use as a request body when calling the target operation.
+
+
+ description
+stringA description of the link. CommonMark syntax MAY be used for rich text representation.
+
+
+
+ server
+Server Object
+A server object to be used by the target operation.
+operationRef or operationId.
+In the case of an operationId, it MUST be unique and resolved in the scope of the OAS document.
+Because of the potential for name clashes, the operationRef syntax is preferred
+for specifications with external references.Examples
+$request.path.id is used to pass a request parameter to the linked operation.
+paths:
+ /users/{id}:
+ parameters:
+ - name: id
+ in: path
+ required: true
+ description: the user identifier, as userId
+ schema:
+ type: string
+ get:
+ responses:
+ '200':
+ description: the user being returned
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ uuid: # the unique user id
+ type: string
+ format: uuid
+ links:
+ address:
+ # the target link operationId
+ operationId: getUserAddress
+ parameters:
+ # get the `id` field from the request path parameter named `id`
+ userId: $request.path.id
+ # the path item of the linked operation
+ /users/{userid}/address:
+ parameters:
+ - name: userid
+ in: path
+ required: true
+ description: the user identifier, as userId
+ schema:
+ type: string
+ # linked operation
+ get:
+ operationId: getUserAddress
+ responses:
+ '200':
+ description: the user's address
+
+links:
+ address:
+ operationId: getUserAddressByUUID
+ parameters:
+ # get the `uuid` field from the `uuid` field in the response body
+ userUuid: $response.body#/uuid
+OperationRef Examples
+operationId MAY NOT be possible (the operationId is an optional
+field in an Operation Object), references MAY also be made through a relative operationRef:
+links:
+ UserRepositories:
+ # returns array of '#/components/schemas/repository'
+ operationRef: '#/paths/~12.0~1repositories~1{username}/get'
+ parameters:
+ username: $response.body#/username
+operationRef:
+links:
+ UserRepositories:
+ # returns array of '#/components/schemas/repository'
+ operationRef: 'https://na2.gigantic-server.com/#/paths/~12.0~1repositories~1{username}/get'
+ parameters:
+ username: $response.body#/username
+operationRef, the escaped forward-slash is necessary when
+using JSON references.Runtime Expressions
+
+ expression = ( "$url" / "$method" / "$statusCode" / "$request." source / "$response." source )
+ source = ( header-reference / query-reference / path-reference / body-reference )
+ header-reference = "header." token
+ query-reference = "query." name
+ path-reference = "path." name
+ body-reference = "body" ["#" json-pointer ]
+ json-pointer = *( "/" reference-token )
+ reference-token = *( unescaped / escaped )
+ unescaped = %x00-2E / %x30-7D / %x7F-10FFFF
+ ; %x2F ('/') and %x7E ('~') are excluded from 'unescaped'
+ escaped = "~" ( "0" / "1" )
+ ; representing '~' and '/', respectively
+ name = *( CHAR )
+ token = 1*tchar
+ tchar = "!" / "#" / "$" / "%" / "&" / "'" / "*" / "+" / "-" / "." /
+ "^" / "_" / "`" / "|" / "~" / DIGIT / ALPHA
+json-pointer is taken from [[!RFC6901]], char from [[!RFC7159]] and token from [[!RFC7230]].name identifier is case-sensitive, whereas token is not.Examples
+
+
+
+
+
+
+
+Source Location
+example expression
+notes
+
+
+HTTP Method
+$methodThe allowable values for the
+$method will be those for the HTTP operation.
+
+Requested media type
+$request.header.accept
+
+
+Request parameter
+$request.path.idRequest parameters MUST be declared in the
+parameters section of the parent operation or they cannot be evaluated. This includes request headers.
+
+Request body property
+$request.body#/user/uuidIn operations which accept payloads, references may be made to portions of the
+requestBody or the entire body.
+
+Request URL
+$url
+
+
+Response value
+$response.body#/statusIn operations which return payloads, references may be made to portions of the response body or the entire body.
+
+
+
+Response header
+$response.header.ServerSingle header values only are available
+{} curly braces.Header Object
+
+
+name MUST NOT be specified, it is given in the corresponding headers map.in MUST NOT be specified, it is implicitly in header.header (for example, style).Header Object Example
+integer:
+{
+ "description": "The number of allowed requests in the current period",
+ "schema": {
+ "type": "integer"
+ }
+}
+
+description: The number of allowed requests in the current period
+schema:
+ type: integer
+Tag Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ name
+stringREQUIRED. The name of the tag.
+
+
+ description
+stringA short description for the tag. CommonMark syntax MAY be used for rich text representation.
+
+
+
+ externalDocs
+External Documentation Object
+Additional external documentation for this tag.
+Tag Object Example
+
+{
+ "name": "pet",
+ "description": "Pets operations"
+}
+
+name: pet
+description: Pets operations
+Reference Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+
+ $ref
+stringREQUIRED. The reference string.
+Reference Object Example
+
+{
+ "$ref": "#/components/schemas/Pet"
+}
+
+$ref: '#/components/schemas/Pet'
+Relative Schema Document Example
+
+{
+ "$ref": "Pet.json"
+}
+
+$ref: Pet.yaml
+Relative Documents With Embedded Schema Example
+
+{
+ "$ref": "definitions.json#/Pet"
+}
+
+$ref: definitions.yaml#/Pet
+Schema Object
+Properties
+
+
+
+
+items MUST be present if the type is array.additionalProperties defaults to true.type is string, then default can be "foo" but cannot be 1.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ nullable
+booleanA
+true value adds "null" to the allowed type specified by the type keyword, only if type is explicitly defined within the same Schema Object. Other Schema Object constraints retain their defined behavior, and therefore may disallow the use of null as a value. A false value leaves the specified or default type unmodified. The default value is false.
+
+ discriminator
+Discriminator Object
+Adds support for polymorphism. The discriminator is an object name that is used to differentiate between other schemas which may satisfy the payload description. See Composition and Inheritance for more details.
+
+
+ readOnly
+booleanRelevant only for Schema
+"properties" definitions. Declares the property as “read only”. This means that it MAY be sent as part of a response but SHOULD NOT be sent as part of the request. If the property is marked as readOnly being true and is in the required list, the required will take effect on the response only. A property MUST NOT be marked as both readOnly and writeOnly being true. Default value is false.
+
+ writeOnly
+booleanRelevant only for Schema
+"properties" definitions. Declares the property as “write only”. Therefore, it MAY be sent as part of a request but SHOULD NOT be sent as part of the response. If the property is marked as writeOnly being true and is in the required list, the required will take effect on the request only. A property MUST NOT be marked as both readOnly and writeOnly being true. Default value is false.
+
+ xml
+XML Object
+This MAY be used only on properties schemas. It has no effect on root schemas. Adds additional metadata to describe the XML representation of this property.
+
+
+ externalDocs
+External Documentation Object
+Additional external documentation for this schema.
+
+
+ example
+Any
+A free-form property to include an example of an instance for this schema. To represent examples that cannot be naturally represented in JSON or YAML, a string value can be used to contain the example with escaping where necessary.
+
+
+
+ deprecated
+booleanSpecifies that a schema is deprecated and SHOULD be transitioned out of usage. Default value is
+false.Composition and Inheritance (Polymorphism)
+allOf property of JSON Schema, in effect offering model composition.
+allOf takes an array of object definitions that are validated independently but together compose a single object.discriminator field.
+When used, the discriminator will be the name of the property that decides which schema definition validates the structure of the model.
+As such, the discriminator field MUST be a required field.
+There are two ways to define the value of a discriminator for an inheriting instance.
+
+XML Modeling
+Schema Object Examples
+Primitive Sample
+
+{
+ "type": "string",
+ "format": "email"
+}
+
+type: string
+format: email
+Simple Model
+
+{
+ "type": "object",
+ "required": [
+ "name"
+ ],
+ "properties": {
+ "name": {
+ "type": "string"
+ },
+ "address": {
+ "$ref": "#/components/schemas/Address"
+ },
+ "age": {
+ "type": "integer",
+ "format": "int32",
+ "minimum": 0
+ }
+ }
+}
+
+type: object
+required:
+- name
+properties:
+ name:
+ type: string
+ address:
+ $ref: '#/components/schemas/Address'
+ age:
+ type: integer
+ format: int32
+ minimum: 0
+Model with Map/Dictionary Properties
+
+{
+ "type": "object",
+ "additionalProperties": {
+ "type": "string"
+ }
+}
+
+type: object
+additionalProperties:
+ type: string
+
+{
+ "type": "object",
+ "additionalProperties": {
+ "$ref": "#/components/schemas/ComplexModel"
+ }
+}
+
+type: object
+additionalProperties:
+ $ref: '#/components/schemas/ComplexModel'
+Model with Example
+
+{
+ "type": "object",
+ "properties": {
+ "id": {
+ "type": "integer",
+ "format": "int64"
+ },
+ "name": {
+ "type": "string"
+ }
+ },
+ "required": [
+ "name"
+ ],
+ "example": {
+ "name": "Puma",
+ "id": 1
+ }
+}
+
+type: object
+properties:
+ id:
+ type: integer
+ format: int64
+ name:
+ type: string
+required:
+- name
+example:
+ name: Puma
+ id: 1
+Models with Composition
+
+{
+ "components": {
+ "schemas": {
+ "ErrorModel": {
+ "type": "object",
+ "required": [
+ "message",
+ "code"
+ ],
+ "properties": {
+ "message": {
+ "type": "string"
+ },
+ "code": {
+ "type": "integer",
+ "minimum": 100,
+ "maximum": 600
+ }
+ }
+ },
+ "ExtendedErrorModel": {
+ "allOf": [
+ {
+ "$ref": "#/components/schemas/ErrorModel"
+ },
+ {
+ "type": "object",
+ "required": [
+ "rootCause"
+ ],
+ "properties": {
+ "rootCause": {
+ "type": "string"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+}
+
+components:
+ schemas:
+ ErrorModel:
+ type: object
+ required:
+ - message
+ - code
+ properties:
+ message:
+ type: string
+ code:
+ type: integer
+ minimum: 100
+ maximum: 600
+ ExtendedErrorModel:
+ allOf:
+ - $ref: '#/components/schemas/ErrorModel'
+ - type: object
+ required:
+ - rootCause
+ properties:
+ rootCause:
+ type: string
+Models with Polymorphism Support
+
+{
+ "components": {
+ "schemas": {
+ "Pet": {
+ "type": "object",
+ "discriminator": {
+ "propertyName": "petType"
+ },
+ "properties": {
+ "name": {
+ "type": "string"
+ },
+ "petType": {
+ "type": "string"
+ }
+ },
+ "required": [
+ "name",
+ "petType"
+ ]
+ },
+ "Cat": {
+ "description": "A representation of a cat. Note that `Cat` will be used as the discriminator value.",
+ "allOf": [
+ {
+ "$ref": "#/components/schemas/Pet"
+ },
+ {
+ "type": "object",
+ "properties": {
+ "huntingSkill": {
+ "type": "string",
+ "description": "The measured skill for hunting",
+ "default": "lazy",
+ "enum": [
+ "clueless",
+ "lazy",
+ "adventurous",
+ "aggressive"
+ ]
+ }
+ },
+ "required": [
+ "huntingSkill"
+ ]
+ }
+ ]
+ },
+ "Dog": {
+ "description": "A representation of a dog. Note that `Dog` will be used as the discriminator value.",
+ "allOf": [
+ {
+ "$ref": "#/components/schemas/Pet"
+ },
+ {
+ "type": "object",
+ "properties": {
+ "packSize": {
+ "type": "integer",
+ "format": "int32",
+ "description": "the size of the pack the dog is from",
+ "default": 0,
+ "minimum": 0
+ }
+ },
+ "required": [
+ "packSize"
+ ]
+ }
+ ]
+ }
+ }
+ }
+}
+
+components:
+ schemas:
+ Pet:
+ type: object
+ discriminator:
+ propertyName: petType
+ properties:
+ name:
+ type: string
+ petType:
+ type: string
+ required:
+ - name
+ - petType
+ Cat: ## "Cat" will be used as the discriminator value
+ description: A representation of a cat
+ allOf:
+ - $ref: '#/components/schemas/Pet'
+ - type: object
+ properties:
+ huntingSkill:
+ type: string
+ description: The measured skill for hunting
+ enum:
+ - clueless
+ - lazy
+ - adventurous
+ - aggressive
+ required:
+ - huntingSkill
+ Dog: ## "Dog" will be used as the discriminator value
+ description: A representation of a dog
+ allOf:
+ - $ref: '#/components/schemas/Pet'
+ - type: object
+ properties:
+ packSize:
+ type: integer
+ format: int32
+ description: the size of the pack the dog is from
+ default: 0
+ minimum: 0
+ required:
+ - packSize
+Discriminator Object
+discriminator object can be used to aid in serialization, deserialization, and validation. The discriminator is a specific object in a schema which is used to inform the consumer of the specification of an alternative schema based on the value associated with it.Fixed Fields
+oneOf, anyOf, allOf.
+MyResponseType:
+ oneOf:
+ - $ref: '#/components/schemas/Cat'
+ - $ref: '#/components/schemas/Dog'
+ - $ref: '#/components/schemas/Lizard'
+Cat, Dog, or Lizard. In this case, a discriminator MAY act as a “hint” to shortcut validation and selection of the matching schema which may be a costly operation, depending on the complexity of the schema. We can then describe exactly which field tells us which schema to use:
+MyResponseType:
+ oneOf:
+ - $ref: '#/components/schemas/Cat'
+ - $ref: '#/components/schemas/Dog'
+ - $ref: '#/components/schemas/Lizard'
+ discriminator:
+ propertyName: petType
+petType MUST be present in the response payload, and the value will correspond to the name of a schema defined in the OAS document. Thus the response payload:
+{
+ "id": 12345,
+ "petType": "Cat"
+}
+Cat schema be used in conjunction with this payload.mapping definition MAY be used:
+MyResponseType:
+ oneOf:
+ - $ref: '#/components/schemas/Cat'
+ - $ref: '#/components/schemas/Dog'
+ - $ref: '#/components/schemas/Lizard'
+ - $ref: 'https://gigantic-server.com/schemas/Monster/schema.json'
+ discriminator:
+ propertyName: petType
+ mapping:
+ dog: '#/components/schemas/Dog'
+ monster: 'https://gigantic-server.com/schemas/Monster/schema.json'
+dog will map to the schema #/components/schemas/Dog, rather than the default (implicit) value of Dog. If the discriminator value does not match an implicit or explicit mapping, no schema can be determined and validation SHOULD fail. Mapping keys MUST be string values, but tooling MAY convert response values to strings for comparison.anyOf construct, the use of the discriminator can avoid ambiguity where multiple schemas may satisfy a single payload.oneOf and anyOf use cases, all possible schemas MUST be listed explicitly. To avoid redundancy, the discriminator MAY be added to a parent schema definition, and all schemas comprising the parent schema in an allOf construct may be used as an alternate schema.
+components:
+ schemas:
+ Pet:
+ type: object
+ required:
+ - petType
+ properties:
+ petType:
+ type: string
+ discriminator:
+ propertyName: petType
+ mapping:
+ dog: Dog
+ Cat:
+ allOf:
+ - $ref: '#/components/schemas/Pet'
+ - type: object
+ # all other properties specific to a `Cat`
+ properties:
+ name:
+ type: string
+ Dog:
+ allOf:
+ - $ref: '#/components/schemas/Pet'
+ - type: object
+ # all other properties specific to a `Dog`
+ properties:
+ bark:
+ type: string
+ Lizard:
+ allOf:
+ - $ref: '#/components/schemas/Pet'
+ - type: object
+ # all other properties specific to a `Lizard`
+ properties:
+ lovesRocks:
+ type: boolean
+
+{
+ "petType": "Cat",
+ "name": "misty"
+}
+Cat schema be used. Likewise this schema:
+{
+ "petType": "dog",
+ "bark": "soft"
+}
+Dog because of the definition in the mappings element.XML Object
+name property SHOULD be used to add that information.
+See examples for expected behavior.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ name
+stringReplaces the name of the element/attribute used for the described schema property. When defined within
+items, it will affect the name of the individual XML elements within the list. When defined alongside type being array (outside the items), it will affect the wrapping element and only if wrapped is true. If wrapped is false, it will be ignored.
+
+ namespace
+stringThe URI of the namespace definition. Value MUST be in the form of an absolute URI.
+
+
+ prefix
+stringThe prefix to be used for the name.
+
+
+ attribute
+booleanDeclares whether the property definition translates to an attribute instead of an element. Default value is
+false.
+
+
+ wrapped
+booleanMAY be used only for an array definition. Signifies whether the array is wrapped (for example,
+<books><book/><book/></books>) or unwrapped (<book/><book/>). Default value is false. The definition takes effect only when defined alongside type being array (outside the items).XML Object Examples
+No XML Element
+
+{
+ "animals": {
+ "type": "string"
+ }
+}
+
+animals:
+ type: string
+
+<animals>...</animals>
+wrapped is false by default):
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+
+<animals>...</animals>
+<animals>...</animals>
+<animals>...</animals>
+XML Name Replacement
+
+{
+ "animals": {
+ "type": "string",
+ "xml": {
+ "name": "animal"
+ }
+ }
+}
+
+animals:
+ type: string
+ xml:
+ name: animal
+
+<animal>...</animal>
+XML Attribute, Prefix and Namespace
+
+{
+ "Person": {
+ "type": "object",
+ "properties": {
+ "id": {
+ "type": "integer",
+ "format": "int32",
+ "xml": {
+ "attribute": true
+ }
+ },
+ "name": {
+ "type": "string",
+ "xml": {
+ "namespace": "http://example.com/schema/sample",
+ "prefix": "sample"
+ }
+ }
+ }
+ }
+}
+
+Person:
+ type: object
+ properties:
+ id:
+ type: integer
+ format: int32
+ xml:
+ attribute: true
+ name:
+ type: string
+ xml:
+ namespace: http://example.com/schema/sample
+ prefix: sample
+
+<Person id="123">
+ <sample:name xmlns:sample="http://example.com/schema/sample">example</sample:name>
+</Person>
+XML Arrays
+
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "xml": {
+ "name": "animal"
+ }
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ name: animal
+
+<animal>value</animal>
+<animal>value</animal>
+name property has no effect on the XML:
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "xml": {
+ "name": "animal"
+ }
+ },
+ "xml": {
+ "name": "aliens"
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ name: animal
+ xml:
+ name: aliens
+
+<animal>value</animal>
+<animal>value</animal>
+
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ },
+ "xml": {
+ "wrapped": true
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ wrapped: true
+
+<animals>
+ <animals>value</animals>
+ <animals>value</animals>
+</animals>
+
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "xml": {
+ "name": "animal"
+ }
+ },
+ "xml": {
+ "wrapped": true
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ name: animal
+ xml:
+ wrapped: true
+
+<animals>
+ <animal>value</animal>
+ <animal>value</animal>
+</animals>
+
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "xml": {
+ "name": "animal"
+ }
+ },
+ "xml": {
+ "name": "aliens",
+ "wrapped": true
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ name: animal
+ xml:
+ name: aliens
+ wrapped: true
+
+<aliens>
+ <animal>value</animal>
+ <animal>value</animal>
+</aliens>
+
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ },
+ "xml": {
+ "name": "aliens",
+ "wrapped": true
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ name: aliens
+ wrapped: true
+
+<aliens>
+ <aliens>value</aliens>
+ <aliens>value</aliens>
+</aliens>
+Security Scheme Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Applies To
+Description
+
+
+ type
+stringAny
+REQUIRED. The type of the security scheme. Valid values are
+"apiKey", "http", "oauth2", "openIdConnect".
+
+ description
+stringAny
+A short description for security scheme. CommonMark syntax MAY be used for rich text representation.
+
+
+ name
+stringapiKeyREQUIRED. The name of the header, query or cookie parameter to be used.
+
+
+ in
+stringapiKeyREQUIRED. The location of the API key. Valid values are
+"query", "header" or "cookie".
+
+ scheme
+stringhttpREQUIRED. The name of the HTTP Authorization scheme to be used in the Authorization header as defined in [[!RFC7235]]. The values used SHOULD be registered in the IANA Authentication Scheme registry.
+
+
+ bearerFormat
+stringhttp ("bearer")A hint to the client to identify how the bearer token is formatted. Bearer tokens are usually generated by an authorization server, so this information is primarily for documentation purposes.
+
+
+ flows
+OAuth Flows Object
+oauth2REQUIRED. An object containing configuration information for the flow types supported.
+
+
+
+ openIdConnectUrl
+stringopenIdConnectREQUIRED. OpenId Connect URL to discover OAuth2 configuration values. This MUST be in the form of a URL.
+Security Scheme Object Example
+Basic Authentication Sample
+
+{
+ "type": "http",
+ "scheme": "basic"
+}
+
+type: http
+scheme: basic
+API Key Sample
+
+{
+ "type": "apiKey",
+ "name": "api_key",
+ "in": "header"
+}
+
+type: apiKey
+name: api_key
+in: header
+JWT Bearer Sample
+
+{
+ "type": "http",
+ "scheme": "bearer",
+ "bearerFormat": "JWT",
+}
+
+type: http
+scheme: bearer
+bearerFormat: JWT
+Implicit OAuth2 Sample
+
+{
+ "type": "oauth2",
+ "flows": {
+ "implicit": {
+ "authorizationUrl": "https://example.com/api/oauth/dialog",
+ "scopes": {
+ "write:pets": "modify pets in your account",
+ "read:pets": "read your pets"
+ }
+ }
+ }
+}
+
+type: oauth2
+flows:
+ implicit:
+ authorizationUrl: https://example.com/api/oauth/dialog
+ scopes:
+ write:pets: modify pets in your account
+ read:pets: read your pets
+OAuth Flows Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ implicit
+OAuth Flow Object
+Configuration for the OAuth Implicit flow
+
+
+ password
+OAuth Flow Object
+Configuration for the OAuth Resource Owner Password flow
+
+
+ clientCredentials
+OAuth Flow Object
+Configuration for the OAuth Client Credentials flow. Previously called
+application in OpenAPI 2.0.
+
+
+ authorizationCode
+OAuth Flow Object
+Configuration for the OAuth Authorization Code flow. Previously called
+accessCode in OpenAPI 2.0.OAuth Flow Object
+Fixed Fields
+OAuth Flow Object Examples
+
+{
+ "type": "oauth2",
+ "flows": {
+ "implicit": {
+ "authorizationUrl": "https://example.com/api/oauth/dialog",
+ "scopes": {
+ "write:pets": "modify pets in your account",
+ "read:pets": "read your pets"
+ }
+ },
+ "authorizationCode": {
+ "authorizationUrl": "https://example.com/api/oauth/dialog",
+ "tokenUrl": "https://example.com/api/oauth/token",
+ "scopes": {
+ "write:pets": "modify pets in your account",
+ "read:pets": "read your pets"
+ }
+ }
+ }
+}
+
+type: oauth2
+flows:
+ implicit:
+ authorizationUrl: https://example.com/api/oauth/dialog
+ scopes:
+ write:pets: modify pets in your account
+ read:pets: read your pets
+ authorizationCode:
+ authorizationUrl: https://example.com/api/oauth/dialog
+ tokenUrl: https://example.com/api/oauth/token
+ scopes:
+ write:pets: modify pets in your account
+ read:pets: read your pets
+Security Requirement Object
+Patterned Fields
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ {name}
+[
+string]Each name MUST correspond to a security scheme which is declared in the Security Schemes under the Components Object. If the security scheme is of type
+"oauth2" or "openIdConnect", then the value is a list of scope names required for the execution, and the list MAY be empty if authorization does not require a specified scope. For other security scheme types, the array MUST be empty.Security Requirement Object Examples
+Non-OAuth2 Security Requirement
+
+{
+ "api_key": []
+}
+
+api_key: []
+OAuth2 Security Requirement
+
+{
+ "petstore_auth": [
+ "write:pets",
+ "read:pets"
+ ]
+}
+
+petstore_auth:
+- write:pets
+- read:pets
+Optional OAuth2 Security
+
+{
+ "security": [
+ {},
+ {
+ "petstore_auth": [
+ "write:pets",
+ "read:pets"
+ ]
+ }
+ ]
+}
+
+security:
+ - {}
+ - petstore_auth:
+ - write:pets
+ - read:pets
+Specification Extensions
+"x-".Security Filtering
+
+
+Appendix A: Revision History
+
+
+
+
diff --git a/docs/oas/v3.1.0.html b/docs/oas/v3.1.0.html
new file mode 100644
index 0000000000..6a8ea9e54d
--- /dev/null
+++ b/docs/oas/v3.1.0.html
@@ -0,0 +1,4083 @@
+
+
+
+
+Version
+Date
+Notes
+
+
+3.0.3
+2020-02-20
+Patch release of the OpenAPI Specification 3.0.3
+
+
+3.0.2
+2018-10-08
+Patch release of the OpenAPI Specification 3.0.2
+
+
+3.0.1
+2017-12-06
+Patch release of the OpenAPI Specification 3.0.1
+
+
+3.0.0
+2017-07-26
+Release of the OpenAPI Specification 3.0.0
+
+
+3.0.0-rc2
+2017-06-16
+rc2 of the 3.0 specification
+
+
+3.0.0-rc1
+2017-04-27
+rc1 of the 3.0 specification
+
+
+3.0.0-rc0
+2017-02-28
+Implementer’s Draft of the 3.0 specification
+
+
+2.0
+2015-12-31
+Donation of Swagger 2.0 to the OpenAPI Initiative
+
+
+2.0
+2014-09-08
+Release of Swagger 2.0
+
+
+1.2
+2014-03-14
+Initial release of the formal document.
+
+
+1.1
+2012-08-22
+Release of Swagger 1.1
+
+
+
+1.0
+2011-08-10
+First release of the Swagger Specification
+OpenAPI Specification v3.1.0
Status of This Document
The source-of-truth for the specification is the GitHub markdown file referenced above.OpenAPI Specification
+Version 3.1.0
+Introduction
+Definitions
+OpenAPI Document
+Path Templating
+/), question marks (?), or hashes (#).Media Types
+
+
+ text/plain; charset=utf-8
+ application/json
+ application/vnd.github+json
+ application/vnd.github.v3+json
+ application/vnd.github.v3.raw+json
+ application/vnd.github.v3.text+json
+ application/vnd.github.v3.html+json
+ application/vnd.github.v3.full+json
+ application/vnd.github.v3.diff
+ application/vnd.github.v3.patch
+HTTP Status Codes
+Specification
+Versions
+major.minor.patch versioning scheme. The major.minor portion of the version string (for example 3.1) SHALL designate the OAS feature set. .patch versions address errors in, or provide clarifications to, this document, not the feature set. Tooling which supports OAS 3.1 SHOULD be compatible with all OAS 3.1.* versions. The patch version SHOULD NOT be considered by tooling, making no distinction between 3.1.0 and 3.1.1 for example.minor versions of the OAS where impact is believed to be low relative to the benefit provided.openapi field which designates the version of the OAS that it uses.Format
+
+{
+ "field": [ 1, 2, 3 ]
+}
+
+
+Document Structure
+Reference Objects and Schema Object $ref keywords are used.openapi.json or openapi.yaml.Data Types
+integer as a type is also supported and is defined as a JSON number without a fraction or exponent part.
+Models are defined using the Schema Object, which is a superset of JSON Schema Specification Draft 2020-12.format.
+OAS defines additional formats to provide fine detail for primitive data types.
+
+
+
+
+
+
+typeformatComments
+
+
+integerint32signed 32 bits
+
+
+integerint64signed 64 bits (a.k.a long)
+
+
+numberfloat
+
+
+numberdouble
+
+
+
+stringpasswordA hint to UIs to obscure input.
+Rich Text Formatting
+description fields are noted as supporting CommonMark markdown formatting.
+Where OpenAPI tooling renders rich text it MUST support, at a minimum, markdown syntax as described by CommonMark 0.27. Tooling MAY choose to ignore some CommonMark features to address security concerns.Relative References in URIs
+Reference Objects, PathItem Object $ref fields, Link Object operationRef fields and Example Object externalValue fields, are resolved using the referring document as the Base URI according to [[!RFC3986]].Schema Objects, including any that appear as $id values, use the nearest parent $id as a Base URI, as described by JSON Schema Specification Draft 2020-12. If no parent schema contains an $id, then the Base URI MUST be determined according to [[!RFC3986]].Relative References in URLs
+Server Object as a Base URL. Note that these themselves MAY be relative to the referring document.Schema
+OpenAPI Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ openapi
+stringREQUIRED. This string MUST be the version number of the OpenAPI Specification that the OpenAPI document uses. The
+openapi field SHOULD be used by tooling to interpret the OpenAPI document. This is not related to the API info.version string.
+
+ info
+Info Object
+REQUIRED. Provides metadata about the API. The metadata MAY be used by tooling as required.
+
+
+ jsonSchemaDialect
+stringThe default value for the
+$schema keyword within Schema Objects contained within this OAS document. This MUST be in the form of a URI.
+
+ servers
+[Server Object]
+An array of Server Objects, which provide connectivity information to a target server. If the
+servers property is not provided, or is an empty array, the default value would be a Server Object with a url value of /.
+
+ paths
+Paths Object
+The available paths and operations for the API.
+
+
+ webhooks
+Map[
+string, Path Item Object | Reference Object] ]The incoming webhooks that MAY be received as part of this API and that the API consumer MAY choose to implement. Closely related to the
+callbacks feature, this section describes requests initiated other than by an API call, for example by an out of band registration. The key name is a unique string to refer to each webhook, while the (optionally referenced) Path Item Object describes a request that may be initiated by the API provider and the expected responses. An example is available.
+
+ components
+Components Object
+An element to hold various schemas for the document.
+
+
+ security
+[Security Requirement Object]
+A declaration of which security mechanisms can be used across the API. The list of values includes alternative security requirement objects that can be used. Only one of the security requirement objects need to be satisfied to authorize a request. Individual operations can override this definition. To make security optional, an empty security requirement (
+{}) can be included in the array.
+
+ tags
+[Tag Object]
+A list of tags used by the document with additional metadata. The order of the tags can be used to reflect on their order by the parsing tools. Not all tags that are used by the Operation Object must be declared. The tags that are not declared MAY be organized randomly or based on the tools’ logic. Each tag name in the list MUST be unique.
+
+
+
+ externalDocs
+External Documentation Object
+Additional external documentation.
+Info Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ title
+stringREQUIRED. The title of the API.
+
+
+ summary
+stringA short summary of the API.
+
+
+ description
+stringA description of the API. CommonMark syntax MAY be used for rich text representation.
+
+
+ termsOfService
+stringA URL to the Terms of Service for the API. This MUST be in the form of a URL.
+
+
+ contact
+Contact Object
+The contact information for the exposed API.
+
+
+ license
+License Object
+The license information for the exposed API.
+
+
+
+ version
+stringREQUIRED. The version of the OpenAPI document (which is distinct from the OpenAPI Specification version or the API implementation version).
+Info Object Example
+
+{
+ "title": "Sample Pet Store App",
+ "summary": "A pet store manager.",
+ "description": "This is a sample server for a pet store.",
+ "termsOfService": "https://example.com/terms/",
+ "contact": {
+ "name": "API Support",
+ "url": "https://www.example.com/support",
+ "email": "support@example.com"
+ },
+ "license": {
+ "name": "Apache 2.0",
+ "url": "https://www.apache.org/licenses/LICENSE-2.0.html"
+ },
+ "version": "1.0.1"
+}
+
+title: Sample Pet Store App
+summary: A pet store manager.
+description: This is a sample server for a pet store.
+termsOfService: https://example.com/terms/
+contact:
+ name: API Support
+ url: https://www.example.com/support
+ email: support@example.com
+license:
+ name: Apache 2.0
+ url: https://www.apache.org/licenses/LICENSE-2.0.html
+version: 1.0.1
+Contact Object
+Fixed Fields
+Contact Object Example
+
+{
+ "name": "API Support",
+ "url": "https://www.example.com/support",
+ "email": "support@example.com"
+}
+
+name: API Support
+url: https://www.example.com/support
+email: support@example.com
+License Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ name
+stringREQUIRED. The license name used for the API.
+
+
+ identifier
+stringAn SPDX license expression for the API. The
+identifier field is mutually exclusive of the url field.
+
+
+ url
+stringA URL to the license used for the API. This MUST be in the form of a URL. The
+url field is mutually exclusive of the identifier field.License Object Example
+
+{
+ "name": "Apache 2.0",
+ "identifier": "Apache-2.0"
+}
+
+name: Apache 2.0
+identifier: Apache-2.0
+Server Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ url
+stringREQUIRED. A URL to the target host. This URL supports Server Variables and MAY be relative, to indicate that the host location is relative to the location where the OpenAPI document is being served. Variable substitutions will be made when a variable is named in
+{brackets}.
+
+ description
+stringAn optional string describing the host designated by the URL. CommonMark syntax MAY be used for rich text representation.
+
+
+
+ variables
+Map[
+string, Server Variable Object]A map between a variable name and its value. The value is used for substitution in the server’s URL template.
+Server Object Example
+
+{
+ "url": "https://development.gigantic-server.com/v1",
+ "description": "Development server"
+}
+
+url: https://development.gigantic-server.com/v1
+description: Development server
+servers:
+{
+ "servers": [
+ {
+ "url": "https://development.gigantic-server.com/v1",
+ "description": "Development server"
+ },
+ {
+ "url": "https://staging.gigantic-server.com/v1",
+ "description": "Staging server"
+ },
+ {
+ "url": "https://api.gigantic-server.com/v1",
+ "description": "Production server"
+ }
+ ]
+}
+
+servers:
+- url: https://development.gigantic-server.com/v1
+ description: Development server
+- url: https://staging.gigantic-server.com/v1
+ description: Staging server
+- url: https://api.gigantic-server.com/v1
+ description: Production server
+
+{
+ "servers": [
+ {
+ "url": "https://{username}.gigantic-server.com:{port}/{basePath}",
+ "description": "The production API server",
+ "variables": {
+ "username": {
+ "default": "demo",
+ "description": "this value is assigned by the service provider, in this example `gigantic-server.com`"
+ },
+ "port": {
+ "enum": [
+ "8443",
+ "443"
+ ],
+ "default": "8443"
+ },
+ "basePath": {
+ "default": "v2"
+ }
+ }
+ }
+ ]
+}
+
+servers:
+- url: https://{username}.gigantic-server.com:{port}/{basePath}
+ description: The production API server
+ variables:
+ username:
+ # note! no enum here means it is an open value
+ default: demo
+ description: this value is assigned by the service provider, in this example `gigantic-server.com`
+ port:
+ enum:
+ - '8443'
+ - '443'
+ default: '8443'
+ basePath:
+ # open meaning there is the opportunity to use special base paths as assigned by the provider, default is `v2`
+ default: v2
+Server Variable Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ enum
+[
+string]An enumeration of string values to be used if the substitution options are from a limited set. The array MUST NOT be empty.
+
+
+ default
+stringREQUIRED. The default value to use for substitution, which SHALL be sent if an alternate value is not supplied. Note this behavior is different than the Schema Object’s treatment of default values, because in those cases parameter values are optional. If the
+enum is defined, the value MUST exist in the enum’s values.
+
+
+ description
+stringAn optional description for the server variable. CommonMark syntax MAY be used for rich text representation.
+Components Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ schemas
+Map[
+string, Schema Object]An object to hold reusable Schema Objects.
+
+
+ responses
+Map[
+string, Response Object | Reference Object]An object to hold reusable Response Objects.
+
+
+ parameters
+Map[
+string, Parameter Object | Reference Object]An object to hold reusable Parameter Objects.
+
+
+ examples
+Map[
+string, Example Object | Reference Object]An object to hold reusable Example Objects.
+
+
+ requestBodies
+Map[
+string, Request Body Object | Reference Object]An object to hold reusable Request Body Objects.
+
+
+ headers
+Map[
+string, Header Object | Reference Object]An object to hold reusable Header Objects.
+
+
+ securitySchemes
+Map[
+string, Security Scheme Object | Reference Object]An object to hold reusable Security Scheme Objects.
+
+
+ links
+Map[
+string, Link Object | Reference Object]An object to hold reusable Link Objects.
+
+
+ callbacks
+Map[
+string, Callback Object | Reference Object]An object to hold reusable Callback Objects.
+
+
+
+ pathItems
+Map[
+string, Path Item Object | Reference Object]An object to hold reusable Path Item Object.
+^[a-zA-Z0-9\.\-_]+$.
+
+User
+User_1
+User_Name
+user-name
+my.org.User
+Components Object Example
+
+"components": {
+ "schemas": {
+ "GeneralError": {
+ "type": "object",
+ "properties": {
+ "code": {
+ "type": "integer",
+ "format": "int32"
+ },
+ "message": {
+ "type": "string"
+ }
+ }
+ },
+ "Category": {
+ "type": "object",
+ "properties": {
+ "id": {
+ "type": "integer",
+ "format": "int64"
+ },
+ "name": {
+ "type": "string"
+ }
+ }
+ },
+ "Tag": {
+ "type": "object",
+ "properties": {
+ "id": {
+ "type": "integer",
+ "format": "int64"
+ },
+ "name": {
+ "type": "string"
+ }
+ }
+ }
+ },
+ "parameters": {
+ "skipParam": {
+ "name": "skip",
+ "in": "query",
+ "description": "number of items to skip",
+ "required": true,
+ "schema": {
+ "type": "integer",
+ "format": "int32"
+ }
+ },
+ "limitParam": {
+ "name": "limit",
+ "in": "query",
+ "description": "max records to return",
+ "required": true,
+ "schema" : {
+ "type": "integer",
+ "format": "int32"
+ }
+ }
+ },
+ "responses": {
+ "NotFound": {
+ "description": "Entity not found."
+ },
+ "IllegalInput": {
+ "description": "Illegal input for operation."
+ },
+ "GeneralError": {
+ "description": "General Error",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GeneralError"
+ }
+ }
+ }
+ }
+ },
+ "securitySchemes": {
+ "api_key": {
+ "type": "apiKey",
+ "name": "api_key",
+ "in": "header"
+ },
+ "petstore_auth": {
+ "type": "oauth2",
+ "flows": {
+ "implicit": {
+ "authorizationUrl": "https://example.org/api/oauth/dialog",
+ "scopes": {
+ "write:pets": "modify pets in your account",
+ "read:pets": "read your pets"
+ }
+ }
+ }
+ }
+ }
+}
+
+components:
+ schemas:
+ GeneralError:
+ type: object
+ properties:
+ code:
+ type: integer
+ format: int32
+ message:
+ type: string
+ Category:
+ type: object
+ properties:
+ id:
+ type: integer
+ format: int64
+ name:
+ type: string
+ Tag:
+ type: object
+ properties:
+ id:
+ type: integer
+ format: int64
+ name:
+ type: string
+ parameters:
+ skipParam:
+ name: skip
+ in: query
+ description: number of items to skip
+ required: true
+ schema:
+ type: integer
+ format: int32
+ limitParam:
+ name: limit
+ in: query
+ description: max records to return
+ required: true
+ schema:
+ type: integer
+ format: int32
+ responses:
+ NotFound:
+ description: Entity not found.
+ IllegalInput:
+ description: Illegal input for operation.
+ GeneralError:
+ description: General Error
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GeneralError'
+ securitySchemes:
+ api_key:
+ type: apiKey
+ name: api_key
+ in: header
+ petstore_auth:
+ type: oauth2
+ flows:
+ implicit:
+ authorizationUrl: https://example.org/api/oauth/dialog
+ scopes:
+ write:pets: modify pets in your account
+ read:pets: read your pets
+Paths Object
+Server Object in order to construct the full URL. The Paths MAY be empty, due to Access Control List (ACL) constraints.Patterned Fields
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ /{path}
+Path Item Object
+A relative path to an individual endpoint. The field name MUST begin with a forward slash (
+/). The path is appended (no relative URL resolution) to the expanded URL from the Server Object’s url field in order to construct the full URL. Path templating is allowed. When matching URLs, concrete (non-templated) paths would be matched before their templated counterparts. Templated paths with the same hierarchy but different templated names MUST NOT exist as they are identical. In case of ambiguous matching, it’s up to the tooling to decide which one to use.Path Templating Matching
+/pets/mine, will be matched first if used:
+
+ /pets/{petId}
+ /pets/mine
+
+
+ /pets/{petId}
+ /pets/{name}
+
+
+ /{entity}/me
+ /books/{id}
+Paths Object Example
+
+{
+ "/pets": {
+ "get": {
+ "description": "Returns all pets from the system that the user has access to",
+ "responses": {
+ "200": {
+ "description": "A list of pets.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/pet"
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+}
+
+/pets:
+ get:
+ description: Returns all pets from the system that the user has access to
+ responses:
+ '200':
+ description: A list of pets.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/pet'
+Path Item Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ $ref
+stringAllows for a referenced definition of this path item. The referenced structure MUST be in the form of a Path Item Object. In case a Path Item Object field appears both in the defined object and the referenced object, the behavior is undefined. See the rules for resolving Relative References.
+
+
+ summary
+stringAn optional, string summary, intended to apply to all operations in this path.
+
+
+ description
+stringAn optional, string description, intended to apply to all operations in this path. CommonMark syntax MAY be used for rich text representation.
+
+
+ get
+Operation Object
+A definition of a GET operation on this path.
+
+
+ put
+Operation Object
+A definition of a PUT operation on this path.
+
+
+ post
+Operation Object
+A definition of a POST operation on this path.
+
+
+ delete
+Operation Object
+A definition of a DELETE operation on this path.
+
+
+ options
+Operation Object
+A definition of a OPTIONS operation on this path.
+
+
+ head
+Operation Object
+A definition of a HEAD operation on this path.
+
+
+ patch
+Operation Object
+A definition of a PATCH operation on this path.
+
+
+ trace
+Operation Object
+A definition of a TRACE operation on this path.
+
+
+ servers
+[Server Object]
+An alternative
+server array to service all operations in this path.
+
+
+ parameters
+[Parameter Object | Reference Object]
+A list of parameters that are applicable for all the operations described under this path. These parameters can be overridden at the operation level, but cannot be removed there. The list MUST NOT include duplicated parameters. A unique parameter is defined by a combination of a name and location. The list can use the Reference Object to link to parameters that are defined at the OpenAPI Object’s components/parameters.
+Path Item Object Example
+
+{
+ "get": {
+ "description": "Returns pets based on ID",
+ "summary": "Find pets by ID",
+ "operationId": "getPetsById",
+ "responses": {
+ "200": {
+ "description": "pet response",
+ "content": {
+ "*/*": {
+ "schema": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/Pet"
+ }
+ }
+ }
+ }
+ },
+ "default": {
+ "description": "error payload",
+ "content": {
+ "text/html": {
+ "schema": {
+ "$ref": "#/components/schemas/ErrorModel"
+ }
+ }
+ }
+ }
+ }
+ },
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of pet to use",
+ "required": true,
+ "schema": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "style": "simple"
+ }
+ ]
+}
+
+get:
+ description: Returns pets based on ID
+ summary: Find pets by ID
+ operationId: getPetsById
+ responses:
+ '200':
+ description: pet response
+ content:
+ '*/*' :
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/Pet'
+ default:
+ description: error payload
+ content:
+ 'text/html':
+ schema:
+ $ref: '#/components/schemas/ErrorModel'
+parameters:
+- name: id
+ in: path
+ description: ID of pet to use
+ required: true
+ schema:
+ type: array
+ items:
+ type: string
+ style: simple
+Operation Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ tags
+[
+string]A list of tags for API documentation control. Tags can be used for logical grouping of operations by resources or any other qualifier.
+
+
+ summary
+stringA short summary of what the operation does.
+
+
+ description
+stringA verbose explanation of the operation behavior. CommonMark syntax MAY be used for rich text representation.
+
+
+ externalDocs
+External Documentation Object
+Additional external documentation for this operation.
+
+
+ operationId
+stringUnique string used to identify the operation. The id MUST be unique among all operations described in the API. The operationId value is case-sensitive. Tools and libraries MAY use the operationId to uniquely identify an operation, therefore, it is RECOMMENDED to follow common programming naming conventions.
+
+
+ parameters
+[Parameter Object | Reference Object]
+A list of parameters that are applicable for this operation. If a parameter is already defined at the Path Item, the new definition will override it but can never remove it. The list MUST NOT include duplicated parameters. A unique parameter is defined by a combination of a name and location. The list can use the Reference Object to link to parameters that are defined at the OpenAPI Object’s components/parameters.
+
+
+ requestBody
+Request Body Object | Reference Object
+The request body applicable for this operation. The
+requestBody is fully supported in HTTP methods where the HTTP 1.1 specification [[!RFC7231]] has explicitly defined semantics for request bodies. In other cases where the HTTP spec is vague (such as GET, HEAD and DELETE), requestBody is permitted but does not have well-defined semantics and SHOULD be avoided if possible.
+
+ responses
+Responses Object
+The list of possible responses as they are returned from executing this operation.
+
+
+ callbacks
+Map[
+string, Callback Object | Reference Object]A map of possible out-of band callbacks related to the parent operation. The key is a unique identifier for the Callback Object. Each value in the map is a Callback Object that describes a request that may be initiated by the API provider and the expected responses.
+
+
+ deprecated
+booleanDeclares this operation to be deprecated. Consumers SHOULD refrain from usage of the declared operation. Default value is
+false.
+
+ security
+[Security Requirement Object]
+A declaration of which security mechanisms can be used for this operation. The list of values includes alternative security requirement objects that can be used. Only one of the security requirement objects need to be satisfied to authorize a request. To make security optional, an empty security requirement (
+{}) can be included in the array. This definition overrides any declared top-level security. To remove a top-level security declaration, an empty array can be used.
+
+
+ servers
+[Server Object]
+An alternative
+server array to service this operation. If an alternative server object is specified at the Path Item Object or Root level, it will be overridden by this value.Operation Object Example
+
+{
+ "tags": [
+ "pet"
+ ],
+ "summary": "Updates a pet in the store with form data",
+ "operationId": "updatePetWithForm",
+ "parameters": [
+ {
+ "name": "petId",
+ "in": "path",
+ "description": "ID of pet that needs to be updated",
+ "required": true,
+ "schema": {
+ "type": "string"
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "type": "object",
+ "properties": {
+ "name": {
+ "description": "Updated name of the pet",
+ "type": "string"
+ },
+ "status": {
+ "description": "Updated status of the pet",
+ "type": "string"
+ }
+ },
+ "required": ["status"]
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Pet updated.",
+ "content": {
+ "application/json": {},
+ "application/xml": {}
+ }
+ },
+ "405": {
+ "description": "Method Not Allowed",
+ "content": {
+ "application/json": {},
+ "application/xml": {}
+ }
+ }
+ },
+ "security": [
+ {
+ "petstore_auth": [
+ "write:pets",
+ "read:pets"
+ ]
+ }
+ ]
+}
+
+tags:
+- pet
+summary: Updates a pet in the store with form data
+operationId: updatePetWithForm
+parameters:
+- name: petId
+ in: path
+ description: ID of pet that needs to be updated
+ required: true
+ schema:
+ type: string
+requestBody:
+ content:
+ 'application/x-www-form-urlencoded':
+ schema:
+ type: object
+ properties:
+ name:
+ description: Updated name of the pet
+ type: string
+ status:
+ description: Updated status of the pet
+ type: string
+ required:
+ - status
+responses:
+ '200':
+ description: Pet updated.
+ content:
+ 'application/json': {}
+ 'application/xml': {}
+ '405':
+ description: Method Not Allowed
+ content:
+ 'application/json': {}
+ 'application/xml': {}
+security:
+- petstore_auth:
+ - write:pets
+ - read:pets
+External Documentation Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ description
+stringA description of the target documentation. CommonMark syntax MAY be used for rich text representation.
+
+
+
+ url
+stringREQUIRED. The URL for the target documentation. This MUST be in the form of a URL.
+External Documentation Object Example
+
+{
+ "description": "Find more info here",
+ "url": "https://example.com"
+}
+
+description: Find more info here
+url: https://example.com
+Parameter Object
+Parameter Locations
+in field:
+
+/items/{itemId}, the path parameter is itemId./items?id=###, the query parameter is id.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ name
+stringREQUIRED. The name of the parameter. Parameter names are case sensitive.
+in is "path", the name field MUST correspond to a template expression occurring within the path field in the Paths Object. See Path Templating for further information.in is "header" and the name field is "Accept", "Content-Type" or "Authorization", the parameter definition SHALL be ignored.name corresponds to the parameter name used by the in property.
+
+ in
+stringREQUIRED. The location of the parameter. Possible values are
+"query", "header", "path" or "cookie".
+
+ description
+stringA brief description of the parameter. This could contain examples of use. CommonMark syntax MAY be used for rich text representation.
+
+
+ required
+booleanDetermines whether this parameter is mandatory. If the parameter location is
+"path", this property is REQUIRED and its value MUST be true. Otherwise, the property MAY be included and its default value is false.
+
+ deprecated
+booleanSpecifies that a parameter is deprecated and SHOULD be transitioned out of usage. Default value is
+false.
+
+
+ allowEmptyValue
+booleanSets the ability to pass empty-valued parameters. This is valid only for
+query parameters and allows sending a parameter with an empty value. Default value is false. If style is used, and if behavior is n/a (cannot be serialized), the value of allowEmptyValue SHALL be ignored. Use of this property is NOT RECOMMENDED, as it is likely to be removed in a later revision.schema and style can describe the structure and syntax of the parameter.
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ style
+stringDescribes how the parameter value will be serialized depending on the type of the parameter value. Default values (based on value of
+in): for query - form; for path - simple; for header - simple; for cookie - form.
+
+ explode
+booleanWhen this is true, parameter values of type
+array or object generate separate parameters for each value of the array or key-value pair of the map. For other types of parameters this property has no effect. When style is form, the default value is true. For all other styles, the default value is false.
+
+ allowReserved
+booleanDetermines whether the parameter value SHOULD allow reserved characters, as defined by [[!RFC3986]]
+:/?#[]@!$&'()*+,;= to be included without percent-encoding. This property only applies to parameters with an in value of query. The default value is false.
+
+ schema
+Schema Object
+The schema defining the type used for the parameter.
+
+
+ example
+Any
+Example of the parameter’s potential value. The example SHOULD match the specified schema and encoding properties if present. The
+example field is mutually exclusive of the examples field. Furthermore, if referencing a schema that contains an example, the example value SHALL override the example provided by the schema. To represent examples of media types that cannot naturally be represented in JSON or YAML, a string value can contain the example with escaping where necessary.
+
+
+ examples
+Map[
+string, Example Object | Reference Object]Examples of the parameter’s potential value. Each example SHOULD contain a value in the correct format as specified in the parameter encoding. The
+examples field is mutually exclusive of the example field. Furthermore, if referencing a schema that contains an example, the examples value SHALL override the example provided by the schema.content property can define the media type and schema of the parameter.
+A parameter MUST contain either a schema property, or a content property, but not both.
+When example or examples are provided in conjunction with the schema object, the example MUST follow the prescribed serialization strategy for the parameter.
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+
+ content
+Map[
+string, Media Type Object]A map containing the representations for the parameter. The key is the media type and the value describes it. The map MUST only contain one entry.
+Style Values
+style values are defined.
+
+
+
+
+
+
+styletypeinComments
+
+
+matrix
+primitive, array, objectpathPath-style parameters defined by [[!RFC6570]]
+
+
+label
+primitive, array, objectpathLabel style parameters defined by [[!RFC6570]]
+
+
+form
+primitive, array, objectquery, cookieForm style parameters defined by [[!RFC6570]]. This option replaces
+collectionFormat with a csv (when explode is false) or multi (when explode is true) value from OpenAPI 2.0.
+
+simple
+arraypath, headerSimple style parameters defined by [[!RFC6570]]. This option replaces
+collectionFormat with a csv value from OpenAPI 2.0.
+
+spaceDelimited
+array, objectquerySpace separated array or object values. This option replaces
+collectionFormat equal to ssv from OpenAPI 2.0.
+
+pipeDelimited
+array, objectqueryPipe separated array or object values. This option replaces
+collectionFormat equal to pipes from OpenAPI 2.0.
+
+
+deepObject
+objectqueryProvides a simple way of rendering nested objects using form parameters.
+Style Examples
+color has one of the following values:
+
+ string -> "blue"
+ array -> ["blue","black","brown"]
+ object -> { "R": 100, "G": 200, "B": 150 }
+
+
+
+
+
+
+
+styleexplodeemptystringarrayobject
+
+matrix
+false
+;color
+;color=blue
+;color=blue,black,brown
+;color=R,100,G,200,B,150
+
+
+matrix
+true
+;color
+;color=blue
+;color=blue;color=black;color=brown
+;R=100;G=200;B=150
+
+
+label
+false
+.
+.blue
+.blue.black.brown
+.R.100.G.200.B.150
+
+
+label
+true
+.
+.blue
+.blue.black.brown
+.R=100.G=200.B=150
+
+
+form
+false
+color=
+color=blue
+color=blue,black,brown
+color=R,100,G,200,B,150
+
+
+form
+true
+color=
+color=blue
+color=blue&color=black&color=brown
+R=100&G=200&B=150
+
+
+simple
+false
+n/a
+blue
+blue,black,brown
+R,100,G,200,B,150
+
+
+simple
+true
+n/a
+blue
+blue,black,brown
+R=100,G=200,B=150
+
+
+spaceDelimited
+false
+n/a
+n/a
+blue%20black%20brown
+R%20100%20G%20200%20B%20150
+
+
+pipeDelimited
+false
+n/a
+n/a
+blue|black|brown
+R|100|G|200|B|150
+
+
+
+deepObject
+true
+n/a
+n/a
+n/a
+color[R]=100&color[G]=200&color[B]=150
+Parameter Object Examples
+
+{
+ "name": "token",
+ "in": "header",
+ "description": "token to be passed as a header",
+ "required": true,
+ "schema": {
+ "type": "array",
+ "items": {
+ "type": "integer",
+ "format": "int64"
+ }
+ },
+ "style": "simple"
+}
+
+name: token
+in: header
+description: token to be passed as a header
+required: true
+schema:
+ type: array
+ items:
+ type: integer
+ format: int64
+style: simple
+
+{
+ "name": "username",
+ "in": "path",
+ "description": "username to fetch",
+ "required": true,
+ "schema": {
+ "type": "string"
+ }
+}
+
+name: username
+in: path
+description: username to fetch
+required: true
+schema:
+ type: string
+
+{
+ "name": "id",
+ "in": "query",
+ "description": "ID of the object to fetch",
+ "required": false,
+ "schema": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "style": "form",
+ "explode": true
+}
+
+name: id
+in: query
+description: ID of the object to fetch
+required: false
+schema:
+ type: array
+ items:
+ type: string
+style: form
+explode: true
+
+{
+ "in": "query",
+ "name": "freeForm",
+ "schema": {
+ "type": "object",
+ "additionalProperties": {
+ "type": "integer"
+ },
+ },
+ "style": "form"
+}
+
+in: query
+name: freeForm
+schema:
+ type: object
+ additionalProperties:
+ type: integer
+style: form
+content to define serialization:
+{
+ "in": "query",
+ "name": "coordinates",
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "object",
+ "required": [
+ "lat",
+ "long"
+ ],
+ "properties": {
+ "lat": {
+ "type": "number"
+ },
+ "long": {
+ "type": "number"
+ }
+ }
+ }
+ }
+ }
+}
+
+in: query
+name: coordinates
+content:
+ application/json:
+ schema:
+ type: object
+ required:
+ - lat
+ - long
+ properties:
+ lat:
+ type: number
+ long:
+ type: number
+Request Body Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ description
+stringA brief description of the request body. This could contain examples of use. CommonMark syntax MAY be used for rich text representation.
+
+
+ content
+Map[
+string, Media Type Object]REQUIRED. The content of the request body. The key is a media type or media type range and the value describes it. For requests that match multiple keys, only the most specific key is applicable. e.g. text/plain overrides text/*
+
+
+
+ required
+booleanDetermines if the request body is required in the request. Defaults to
+false.Request Body Examples
+
+{
+ "description": "user to add to the system",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/User"
+ },
+ "examples": {
+ "user" : {
+ "summary": "User Example",
+ "externalValue": "https://foo.bar/examples/user-example.json"
+ }
+ }
+ },
+ "application/xml": {
+ "schema": {
+ "$ref": "#/components/schemas/User"
+ },
+ "examples": {
+ "user" : {
+ "summary": "User example in XML",
+ "externalValue": "https://foo.bar/examples/user-example.xml"
+ }
+ }
+ },
+ "text/plain": {
+ "examples": {
+ "user" : {
+ "summary": "User example in Plain text",
+ "externalValue": "https://foo.bar/examples/user-example.txt"
+ }
+ }
+ },
+ "*/*": {
+ "examples": {
+ "user" : {
+ "summary": "User example in other format",
+ "externalValue": "https://foo.bar/examples/user-example.whatever"
+ }
+ }
+ }
+ }
+}
+
+description: user to add to the system
+content:
+ 'application/json':
+ schema:
+ $ref: '#/components/schemas/User'
+ examples:
+ user:
+ summary: User Example
+ externalValue: 'https://foo.bar/examples/user-example.json'
+ 'application/xml':
+ schema:
+ $ref: '#/components/schemas/User'
+ examples:
+ user:
+ summary: User example in XML
+ externalValue: 'https://foo.bar/examples/user-example.xml'
+ 'text/plain':
+ examples:
+ user:
+ summary: User example in Plain text
+ externalValue: 'https://foo.bar/examples/user-example.txt'
+ '*/*':
+ examples:
+ user:
+ summary: User example in other format
+ externalValue: 'https://foo.bar/examples/user-example.whatever'
+
+{
+ "description": "user to add to the system",
+ "required": true,
+ "content": {
+ "text/plain": {
+ "schema": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ }
+ }
+ }
+}
+
+description: user to add to the system
+required: true
+content:
+ text/plain:
+ schema:
+ type: array
+ items:
+ type: string
+Media Type Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ schema
+Schema Object
+The schema defining the content of the request, response, or parameter.
+
+
+ example
+Any
+Example of the media type. The example object SHOULD be in the correct format as specified by the media type. The
+example field is mutually exclusive of the examples field. Furthermore, if referencing a schema which contains an example, the example value SHALL override the example provided by the schema.
+
+ examples
+Map[
+string, Example Object | Reference Object]Examples of the media type. Each example object SHOULD match the media type and specified schema if present. The
+examples field is mutually exclusive of the example field. Furthermore, if referencing a schema which contains an example, the examples value SHALL override the example provided by the schema.
+
+
+ encoding
+Map[
+string, Encoding Object]A map between a property name and its encoding information. The key, being the property name, MUST exist in the schema as a property. The encoding object SHALL only apply to
+requestBody objects when the media type is multipart or application/x-www-form-urlencoded.Media Type Examples
+
+{
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/Pet"
+ },
+ "examples": {
+ "cat" : {
+ "summary": "An example of a cat",
+ "value":
+ {
+ "name": "Fluffy",
+ "petType": "Cat",
+ "color": "White",
+ "gender": "male",
+ "breed": "Persian"
+ }
+ },
+ "dog": {
+ "summary": "An example of a dog with a cat's name",
+ "value" : {
+ "name": "Puma",
+ "petType": "Dog",
+ "color": "Black",
+ "gender": "Female",
+ "breed": "Mixed"
+ },
+ "frog": {
+ "$ref": "#/components/examples/frog-example"
+ }
+ }
+ }
+ }
+}
+
+application/json:
+ schema:
+ $ref: "#/components/schemas/Pet"
+ examples:
+ cat:
+ summary: An example of a cat
+ value:
+ name: Fluffy
+ petType: Cat
+ color: White
+ gender: male
+ breed: Persian
+ dog:
+ summary: An example of a dog with a cat's name
+ value:
+ name: Puma
+ petType: Dog
+ color: Black
+ gender: Female
+ breed: Mixed
+ frog:
+ $ref: "#/components/examples/frog-example"
+Considerations for File Uploads
+file input/output content in OpenAPI is described with the same semantics as any other schema type.format keyword has no effect on the content-encoding of the schema. JSON Schema offers a contentEncoding keyword, which may be used to specify the Content-Encoding for the schema. The contentEncoding keyword supports all encodings defined in [[!RFC4648]], including “base64” and “base64url”, as well as “quoted-printable” from [[!RFC2045]]. The encoding specified by the contentEncoding keyword is independent of an encoding specified by the Content-Type header in the request or response or metadata of a multipart body – when both are present, the encoding specified in the contentEncoding is applied first and then the encoding specified in the Content-Type header.contentMediaType keyword. However, when the media type is already specified by the Media Type Object’s key, or by the contentType field of an Encoding Object, the contentMediaType keyword SHALL be ignored if present.schema:
+# a PNG image as a binary file:
+content:
+ image/png: {}
+
+# an arbitrary binary file:
+content:
+ application/octet-stream: {}
+
+content:
+ image/png:
+ schema:
+ type: string
+ contentMediaType: image/png
+ contentEncoding: base64
+Content-Type remains image/png, describing the semantics of the payload. The JSON Schema type and contentEncoding fields explain that the payload is transferred as text. The JSON Schema contentMediaType is technically redundant, but can be used by JSON Schema tools that may not be aware of the OpenAPI context.requestBody for submitting a file in a POST operation may look like the following example:
+requestBody:
+ content:
+ application/octet-stream: {}
+
+# multiple, specific media types may be specified:
+requestBody:
+ content:
+ # a binary file of type png or jpeg
+ image/jpeg: {}
+ image/png: {}
+multipart media type MUST be used:
+requestBody:
+ content:
+ multipart/form-data:
+ schema:
+ properties:
+ # The property name 'file' will be used for all files.
+ file:
+ type: array
+ items: {}
+multipart/form-data below, the empty schema for items indicates a media type of application/octet-stream.Support for x-www-form-urlencoded Request Bodies
+
+requestBody:
+ content:
+ application/x-www-form-urlencoded:
+ schema:
+ type: object
+ properties:
+ id:
+ type: string
+ format: uuid
+ address:
+ # complex types are stringified to support RFC 1866
+ type: object
+ properties: {}
+requestBody MUST be stringified per [[!RFC1866]] when passed to the server. In addition, the address field complex object will be stringified.application/x-www-form-urlencoded content type, the default serialization strategy of such properties is described in the Encoding Object’s style property as form.Special Considerations for
+multipart Contentmultipart/form-data as a Content-Type when transferring request bodies to operations. In contrast to 2.0, a schema is REQUIRED to define the input parameters to the operation when using multipart content. This supports complex structures as well as supporting mechanisms for multiple file uploads.multipart/form-data request body, each schema property, or each element of a schema array property, takes a section in the payload with an internal header as defined by [[!RFC7578]]. The serialization strategy for each property of a multipart/form-data request body can be specified in an associated Encoding Object.multipart types, boundaries MAY be used to separate sections of the content being transferred – thus, the following default Content-Types are defined for multipart:
+
+text/plainapplication/jsontype: string with a contentEncoding, the default Content-Type is application/octet-streamcontentMediaType without contentEncoding present is treated as if contentEncoding: identity were present. While useful for embedding text documents such as text/html into JSON strings, it is not useful for a multipart/form-data part, as it just causes the document to be treated as text/plain instead of its actual media type. Use the Encoding Object without contentMediaType if no contentEncoding is required.
+requestBody:
+ content:
+ multipart/form-data:
+ schema:
+ type: object
+ properties:
+ id:
+ type: string
+ format: uuid
+ address:
+ # default Content-Type for objects is `application/json`
+ type: object
+ properties: {}
+ profileImage:
+ # Content-Type for application-level encoded resource is `text/plain`
+ type: string
+ contentMediaType: image/png
+ contentEncoding: base64
+ children:
+ # default Content-Type for arrays is based on the _inner_ type (`text/plain` here)
+ type: array
+ items:
+ type: string
+ addresses:
+ # default Content-Type for arrays is based on the _inner_ type (object shown, so `application/json` in this example)
+ type: array
+ items:
+ type: object
+ $ref: '#/components/schemas/Address'
+encoding attribute is introduced to give you control over the serialization of parts of multipart request bodies. This attribute is only applicable to multipart and application/x-www-form-urlencoded request bodies.Encoding Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ contentType
+stringThe Content-Type for encoding a specific property. Default value depends on the property type: for
+object - application/json; for array – the default is defined based on the inner type; for all other cases the default is application/octet-stream. The value can be a specific media type (e.g. application/json), a wildcard media type (e.g. image/*), or a comma-separated list of the two types.
+
+ headers
+Map[
+string, Header Object | Reference Object]A map allowing additional information to be provided as headers, for example
+Content-Disposition. Content-Type is described separately and SHALL be ignored in this section. This property SHALL be ignored if the request body media type is not a multipart.
+
+ style
+stringDescribes how a specific property value will be serialized depending on its type. See Parameter Object for details on the
+style property. The behavior follows the same values as query parameters, including default values. This property SHALL be ignored if the request body media type is not application/x-www-form-urlencoded or multipart/form-data. If a value is explicitly defined, then the value of contentType (implicit or explicit) SHALL be ignored.
+
+ explode
+booleanWhen this is true, property values of type
+array or object generate separate parameters for each value of the array, or key-value-pair of the map. For other types of properties this property has no effect. When style is form, the default value is true. For all other styles, the default value is false. This property SHALL be ignored if the request body media type is not application/x-www-form-urlencoded or multipart/form-data. If a value is explicitly defined, then the value of contentType (implicit or explicit) SHALL be ignored.
+
+
+ allowReserved
+booleanDetermines whether the parameter value SHOULD allow reserved characters, as defined by [[!RFC3986]]
+:/?#[]@!$&'()*+,;= to be included without percent-encoding. The default value is false. This property SHALL be ignored if the request body media type is not application/x-www-form-urlencoded or multipart/form-data. If a value is explicitly defined, then the value of contentType (implicit or explicit) SHALL be ignored.Encoding Object Example
+
+requestBody:
+ content:
+ multipart/form-data:
+ schema:
+ type: object
+ properties:
+ id:
+ # default is text/plain
+ type: string
+ format: uuid
+ address:
+ # default is application/json
+ type: object
+ properties: {}
+ historyMetadata:
+ # need to declare XML format!
+ description: metadata in XML format
+ type: object
+ properties: {}
+ profileImage: {}
+ encoding:
+ historyMetadata:
+ # require XML Content-Type in utf-8 encoding
+ contentType: application/xml; charset=utf-8
+ profileImage:
+ # only accept png/jpeg
+ contentType: image/png, image/jpeg
+ headers:
+ X-Rate-Limit-Limit:
+ description: The number of allowed requests in the current period
+ schema:
+ type: integer
+Responses Object
+default MAY be used as a default response object for all HTTP codes
+that are not covered individually by the Responses Object.Responses Object MUST contain at least one response code, and if only one
+response code is provided it SHOULD be the response for a successful operation
+call.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+
+ default
+Response Object | Reference Object
+The documentation of responses other than the ones declared for specific HTTP response codes. Use this field to cover undeclared responses.
+Patterned Fields
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ HTTP Status Code
+Response Object | Reference Object
+Any HTTP status code can be used as the property name, but only one property per code, to describe the expected response for that HTTP status code. This field MUST be enclosed in quotation marks (for example, “200”) for compatibility between JSON and YAML. To define a range of response codes, this field MAY contain the uppercase wildcard character
+X. For example, 2XX represents all response codes between [200-299]. Only the following range definitions are allowed: 1XX, 2XX, 3XX, 4XX, and 5XX. If a response is defined using an explicit code, the explicit code definition takes precedence over the range definition for that code.Responses Object Example
+
+{
+ "200": {
+ "description": "a pet to be returned",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/Pet"
+ }
+ }
+ }
+ },
+ "default": {
+ "description": "Unexpected error",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ErrorModel"
+ }
+ }
+ }
+ }
+}
+
+'200':
+ description: a pet to be returned
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Pet'
+default:
+ description: Unexpected error
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ErrorModel'
+Response Object
+links to operations based on the response.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ description
+stringREQUIRED. A description of the response. CommonMark syntax MAY be used for rich text representation.
+
+
+ headers
+Map[
+string, Header Object | Reference Object]Maps a header name to its definition. [[!RFC7230]] states header names are case insensitive. If a response header is defined with the name
+"Content-Type", it SHALL be ignored.
+
+ content
+Map[
+string, Media Type Object]A map containing descriptions of potential response payloads. The key is a media type or media type range and the value describes it. For responses that match multiple keys, only the most specific key is applicable. e.g. text/plain overrides text/*
+
+
+
+ links
+Map[
+string, Link Object | Reference Object]A map of operations links that can be followed from the response. The key of the map is a short name for the link, following the naming constraints of the names for Component Objects.
+Response Object Examples
+
+{
+ "description": "A complex object array response",
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/VeryComplexType"
+ }
+ }
+ }
+ }
+}
+
+description: A complex object array response
+content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/VeryComplexType'
+
+{
+ "description": "A simple string response",
+ "content": {
+ "text/plain": {
+ "schema": {
+ "type": "string"
+ }
+ }
+ }
+
+}
+
+description: A simple string response
+content:
+ text/plain:
+ schema:
+ type: string
+
+{
+ "description": "A simple string response",
+ "content": {
+ "text/plain": {
+ "schema": {
+ "type": "string",
+ "example": "whoa!"
+ }
+ }
+ },
+ "headers": {
+ "X-Rate-Limit-Limit": {
+ "description": "The number of allowed requests in the current period",
+ "schema": {
+ "type": "integer"
+ }
+ },
+ "X-Rate-Limit-Remaining": {
+ "description": "The number of remaining requests in the current period",
+ "schema": {
+ "type": "integer"
+ }
+ },
+ "X-Rate-Limit-Reset": {
+ "description": "The number of seconds left in the current period",
+ "schema": {
+ "type": "integer"
+ }
+ }
+ }
+}
+
+description: A simple string response
+content:
+ text/plain:
+ schema:
+ type: string
+ example: 'whoa!'
+headers:
+ X-Rate-Limit-Limit:
+ description: The number of allowed requests in the current period
+ schema:
+ type: integer
+ X-Rate-Limit-Remaining:
+ description: The number of remaining requests in the current period
+ schema:
+ type: integer
+ X-Rate-Limit-Reset:
+ description: The number of seconds left in the current period
+ schema:
+ type: integer
+
+{
+ "description": "object created"
+}
+
+description: object created
+Callback Object
+webhooks field.Patterned Fields
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ {expression}
+Path Item Object | Reference Object
+A Path Item Object, or a reference to one, used to define a callback request and expected responses. A complete example is available.
+Key Expression
+$request.body#/url.
+However, using a runtime expression the complete HTTP message can be accessed.
+This includes accessing any part of a body that a JSON Pointer [[!RFC6901]] can reference.
+POST /subscribe/myevent?queryUrl=https://clientdomain.com/stillrunning HTTP/1.1
+Host: example.org
+Content-Type: application/json
+Content-Length: 187
+
+{
+ "failedUrl" : "https://clientdomain.com/failed",
+ "successUrls" : [
+ "https://clientdomain.com/fast",
+ "https://clientdomain.com/medium",
+ "https://clientdomain.com/slow"
+ ]
+}
+
+201 Created
+Location: https://example.org/subscription/1
+eventType and a query parameter named queryUrl.
+
+
+
+
+
+
+Expression
+Value
+
+
+$url
+https://example.org/subscribe/myevent?queryUrl=https://clientdomain.com/stillrunning
+
+
+$method
+POST
+
+
+$request.path.eventType
+myevent
+
+
+$request.query.queryUrl
+https://clientdomain.com/stillrunning
+
+
+$request.header.content-Type
+application/json
+
+
+$request.body#/failedUrl
+https://clientdomain.com/failed
+
+
+$request.body#/successUrls/2
+https://clientdomain.com/medium
+
+
+
+$response.header.Location
+https://example.org/subscription/1
+Callback Object Examples
+queryUrl query string parameter to define the callback URL. This is an example of how to use a callback object to describe a WebHook callback that goes with the subscription operation to enable registering for the WebHook.
+myCallback:
+ '{$request.query.queryUrl}':
+ post:
+ requestBody:
+ description: Callback payload
+ content:
+ 'application/json':
+ schema:
+ $ref: '#/components/schemas/SomePayload'
+ responses:
+ '200':
+ description: callback successfully processed
+id and email property in the request body.
+transactionCallback:
+ 'http://notificationServer.com?transactionId={$request.body#/id}&email={$request.body#/email}':
+ post:
+ requestBody:
+ description: Callback payload
+ content:
+ 'application/json':
+ schema:
+ $ref: '#/components/schemas/SomePayload'
+ responses:
+ '200':
+ description: callback successfully processed
+Example Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ summary
+stringShort description for the example.
+
+
+ description
+stringLong description for the example. CommonMark syntax MAY be used for rich text representation.
+
+
+ value
+Any
+Embedded literal example. The
+value field and externalValue field are mutually exclusive. To represent examples of media types that cannot naturally represented in JSON or YAML, use a string value to contain the example, escaping where necessary.
+
+
+ externalValue
+stringA URI that points to the literal example. This provides the capability to reference examples that cannot easily be included in JSON or YAML documents. The
+value field and externalValue field are mutually exclusive. See the rules for resolving Relative References.Example Object Examples
+
+requestBody:
+ content:
+ 'application/json':
+ schema:
+ $ref: '#/components/schemas/Address'
+ examples:
+ foo:
+ summary: A foo example
+ value: {"foo": "bar"}
+ bar:
+ summary: A bar example
+ value: {"bar": "baz"}
+ 'application/xml':
+ examples:
+ xmlExample:
+ summary: This is an example in XML
+ externalValue: 'https://example.org/examples/address-example.xml'
+ 'text/plain':
+ examples:
+ textExample:
+ summary: This is a text example
+ externalValue: 'https://foo.bar/examples/address-example.txt'
+
+parameters:
+ - name: 'zipCode'
+ in: 'query'
+ schema:
+ type: 'string'
+ format: 'zip-code'
+ examples:
+ zip-example:
+ $ref: '#/components/examples/zip-example'
+
+responses:
+ '200':
+ description: your car appointment has been booked
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SuccessResponse'
+ examples:
+ confirmation-success:
+ $ref: '#/components/examples/confirmation-success'
+Link Object
+Link object represents a possible design-time link for a response.
+The presence of a link does not guarantee the caller’s ability to successfully invoke it, rather it provides a known relationship and traversal mechanism between responses and other operations.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ operationRef
+stringA relative or absolute URI reference to an OAS operation. This field is mutually exclusive of the
+operationId field, and MUST point to an Operation Object. Relative operationRef values MAY be used to locate an existing Operation Object in the OpenAPI definition. See the rules for resolving Relative References.
+
+ operationId
+stringThe name of an existing, resolvable OAS operation, as defined with a unique
+operationId. This field is mutually exclusive of the operationRef field.
+
+ parameters
+Map[
+string, Any | {expression}]A map representing parameters to pass to an operation as specified with
+operationId or identified via operationRef. The key is the parameter name to be used, whereas the value can be a constant or an expression to be evaluated and passed to the linked operation. The parameter name can be qualified using the parameter location [{in}.]{name} for operations that use the same parameter name in different locations (e.g. path.id).
+
+ requestBody
+Any | {expression}
+A literal value or {expression} to use as a request body when calling the target operation.
+
+
+ description
+stringA description of the link. CommonMark syntax MAY be used for rich text representation.
+
+
+
+ server
+Server Object
+A server object to be used by the target operation.
+operationRef or operationId.
+In the case of an operationId, it MUST be unique and resolved in the scope of the OAS document.
+Because of the potential for name clashes, the operationRef syntax is preferred
+for OpenAPI documents with external references.Examples
+$request.path.id is used to pass a request parameter to the linked operation.
+paths:
+ /users/{id}:
+ parameters:
+ - name: id
+ in: path
+ required: true
+ description: the user identifier, as userId
+ schema:
+ type: string
+ get:
+ responses:
+ '200':
+ description: the user being returned
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ uuid: # the unique user id
+ type: string
+ format: uuid
+ links:
+ address:
+ # the target link operationId
+ operationId: getUserAddress
+ parameters:
+ # get the `id` field from the request path parameter named `id`
+ userId: $request.path.id
+ # the path item of the linked operation
+ /users/{userid}/address:
+ parameters:
+ - name: userid
+ in: path
+ required: true
+ description: the user identifier, as userId
+ schema:
+ type: string
+ # linked operation
+ get:
+ operationId: getUserAddress
+ responses:
+ '200':
+ description: the user's address
+
+links:
+ address:
+ operationId: getUserAddressByUUID
+ parameters:
+ # get the `uuid` field from the `uuid` field in the response body
+ userUuid: $response.body#/uuid
+OperationRef Examples
+operationId MAY NOT be possible (the operationId is an optional
+field in an Operation Object), references MAY also be made through a relative operationRef:
+links:
+ UserRepositories:
+ # returns array of '#/components/schemas/repository'
+ operationRef: '#/paths/~12.0~1repositories~1{username}/get'
+ parameters:
+ username: $response.body#/username
+operationRef:
+links:
+ UserRepositories:
+ # returns array of '#/components/schemas/repository'
+ operationRef: 'https://na2.gigantic-server.com/#/paths/~12.0~1repositories~1{username}/get'
+ parameters:
+ username: $response.body#/username
+operationRef, the escaped forward-slash is necessary when
+using JSON references.Runtime Expressions
+
+ expression = ( "$url" / "$method" / "$statusCode" / "$request." source / "$response." source )
+ source = ( header-reference / query-reference / path-reference / body-reference )
+ header-reference = "header." token
+ query-reference = "query." name
+ path-reference = "path." name
+ body-reference = "body" ["#" json-pointer ]
+ json-pointer = *( "/" reference-token )
+ reference-token = *( unescaped / escaped )
+ unescaped = %x00-2E / %x30-7D / %x7F-10FFFF
+ ; %x2F ('/') and %x7E ('~') are excluded from 'unescaped'
+ escaped = "~" ( "0" / "1" )
+ ; representing '~' and '/', respectively
+ name = *( CHAR )
+ token = 1*tchar
+ tchar = "!" / "#" / "$" / "%" / "&" / "'" / "*" / "+" / "-" / "." /
+ "^" / "_" / "`" / "|" / "~" / DIGIT / ALPHA
+json-pointer is taken from [[!RFC6901]], char from [[!RFC7159]] and token from [[!RFC7230]].name identifier is case-sensitive, whereas token is not.Examples
+
+
+
+
+
+
+
+Source Location
+example expression
+notes
+
+
+HTTP Method
+$methodThe allowable values for the
+$method will be those for the HTTP operation.
+
+Requested media type
+$request.header.accept
+
+
+Request parameter
+$request.path.idRequest parameters MUST be declared in the
+parameters section of the parent operation or they cannot be evaluated. This includes request headers.
+
+Request body property
+$request.body#/user/uuidIn operations which accept payloads, references may be made to portions of the
+requestBody or the entire body.
+
+Request URL
+$url
+
+
+Response value
+$response.body#/statusIn operations which return payloads, references may be made to portions of the response body or the entire body.
+
+
+
+Response header
+$response.header.ServerSingle header values only are available
+{} curly braces.Header Object
+
+
+name MUST NOT be specified, it is given in the corresponding headers map.in MUST NOT be specified, it is implicitly in header.header (for example, style).Header Object Example
+integer:
+{
+ "description": "The number of allowed requests in the current period",
+ "schema": {
+ "type": "integer"
+ }
+}
+
+description: The number of allowed requests in the current period
+schema:
+ type: integer
+Tag Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ name
+stringREQUIRED. The name of the tag.
+
+
+ description
+stringA description for the tag. CommonMark syntax MAY be used for rich text representation.
+
+
+
+ externalDocs
+External Documentation Object
+Additional external documentation for this tag.
+Tag Object Example
+
+{
+ "name": "pet",
+ "description": "Pets operations"
+}
+
+name: pet
+description: Pets operations
+Reference Object
+$ref string value contains a URI [[!RFC3986]], which identifies the location of the value being referenced.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ $ref
+stringREQUIRED. The reference identifier. This MUST be in the form of a URI.
+
+
+ summary
+stringA short summary which by default SHOULD override that of the referenced component. If the referenced object-type does not allow a
+summary field, then this field has no effect.
+
+
+ description
+stringA description which by default SHOULD override that of the referenced component. CommonMark syntax MAY be used for rich text representation. If the referenced object-type does not allow a
+description field, then this field has no effect.Schema Objects that contain a $ref keyword.Reference Object Example
+
+{
+ "$ref": "#/components/schemas/Pet"
+}
+
+$ref: '#/components/schemas/Pet'
+Relative Schema Document Example
+
+{
+ "$ref": "Pet.json"
+}
+
+$ref: Pet.yaml
+Relative Documents With Embedded Schema Example
+
+{
+ "$ref": "definitions.json#/Pet"
+}
+
+$ref: definitions.yaml#/Pet
+Schema Object
+Properties
+https://spec.openapis.org/oas/3.1/dialect/base (the “OAS dialect schema id”).
+
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ discriminator
+Discriminator Object
+Adds support for polymorphism. The discriminator is an object name that is used to differentiate between other schemas which may satisfy the payload description. See Composition and Inheritance for more details.
+
+
+ xml
+XML Object
+This MAY be used only on properties schemas. It has no effect on root schemas. Adds additional metadata to describe the XML representation of this property.
+
+
+ externalDocs
+External Documentation Object
+Additional external documentation for this schema.
+
+
+
+ example
+Any
+A free-form property to include an example of an instance for this schema. To represent examples that cannot be naturally represented in JSON or YAML, a string value can be used to contain the example with escaping where necessary.
+
Deprecated: The example property has been deprecated in favor of the JSON Schema examples keyword. Use of example is discouraged, and later versions of this specification may remove it.x- prefix within this object.Composition and Inheritance (Polymorphism)
+allOf property of JSON Schema, in effect offering model composition.
+allOf takes an array of object definitions that are validated independently but together compose a single object.discriminator field.
+When used, the discriminator will be the name of the property that decides which schema definition validates the structure of the model.
+As such, the discriminator field MUST be a required field.
+There are two ways to define the value of a discriminator for an inheriting instance.
+
+XML Modeling
+Specifying Schema Dialects
+$schema keyword MAY be present in any root Schema Object, and if present MUST be used to determine which dialect should be used when processing the schema. This allows use of Schema Objects which comply with other drafts of JSON Schema than the default Draft 2020-12 support. Tooling MUST support the OAS dialect schema id, and MAY support additional values of $schema.$schema value for all Schema Objects contained within an OAS document, a jsonSchemaDialect value may be set within the OpenAPI Object. If this default is not set, then the OAS dialect schema id MUST be used for these Schema Objects. The value of $schema within a Schema Object always overrides any default.$schema keyword for schemas within that resource MUST follow JSON Schema rules.Schema Object Examples
+Primitive Sample
+
+{
+ "type": "string",
+ "format": "email"
+}
+
+type: string
+format: email
+Simple Model
+
+{
+ "type": "object",
+ "required": [
+ "name"
+ ],
+ "properties": {
+ "name": {
+ "type": "string"
+ },
+ "address": {
+ "$ref": "#/components/schemas/Address"
+ },
+ "age": {
+ "type": "integer",
+ "format": "int32",
+ "minimum": 0
+ }
+ }
+}
+
+type: object
+required:
+- name
+properties:
+ name:
+ type: string
+ address:
+ $ref: '#/components/schemas/Address'
+ age:
+ type: integer
+ format: int32
+ minimum: 0
+Model with Map/Dictionary Properties
+
+{
+ "type": "object",
+ "additionalProperties": {
+ "type": "string"
+ }
+}
+
+type: object
+additionalProperties:
+ type: string
+
+{
+ "type": "object",
+ "additionalProperties": {
+ "$ref": "#/components/schemas/ComplexModel"
+ }
+}
+
+type: object
+additionalProperties:
+ $ref: '#/components/schemas/ComplexModel'
+Model with Example
+
+{
+ "type": "object",
+ "properties": {
+ "id": {
+ "type": "integer",
+ "format": "int64"
+ },
+ "name": {
+ "type": "string"
+ }
+ },
+ "required": [
+ "name"
+ ],
+ "example": {
+ "name": "Puma",
+ "id": 1
+ }
+}
+
+type: object
+properties:
+ id:
+ type: integer
+ format: int64
+ name:
+ type: string
+required:
+- name
+example:
+ name: Puma
+ id: 1
+Models with Composition
+
+{
+ "components": {
+ "schemas": {
+ "ErrorModel": {
+ "type": "object",
+ "required": [
+ "message",
+ "code"
+ ],
+ "properties": {
+ "message": {
+ "type": "string"
+ },
+ "code": {
+ "type": "integer",
+ "minimum": 100,
+ "maximum": 600
+ }
+ }
+ },
+ "ExtendedErrorModel": {
+ "allOf": [
+ {
+ "$ref": "#/components/schemas/ErrorModel"
+ },
+ {
+ "type": "object",
+ "required": [
+ "rootCause"
+ ],
+ "properties": {
+ "rootCause": {
+ "type": "string"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+}
+
+components:
+ schemas:
+ ErrorModel:
+ type: object
+ required:
+ - message
+ - code
+ properties:
+ message:
+ type: string
+ code:
+ type: integer
+ minimum: 100
+ maximum: 600
+ ExtendedErrorModel:
+ allOf:
+ - $ref: '#/components/schemas/ErrorModel'
+ - type: object
+ required:
+ - rootCause
+ properties:
+ rootCause:
+ type: string
+Models with Polymorphism Support
+
+{
+ "components": {
+ "schemas": {
+ "Pet": {
+ "type": "object",
+ "discriminator": {
+ "propertyName": "petType"
+ },
+ "properties": {
+ "name": {
+ "type": "string"
+ },
+ "petType": {
+ "type": "string"
+ }
+ },
+ "required": [
+ "name",
+ "petType"
+ ]
+ },
+ "Cat": {
+ "description": "A representation of a cat. Note that `Cat` will be used as the discriminator value.",
+ "allOf": [
+ {
+ "$ref": "#/components/schemas/Pet"
+ },
+ {
+ "type": "object",
+ "properties": {
+ "huntingSkill": {
+ "type": "string",
+ "description": "The measured skill for hunting",
+ "default": "lazy",
+ "enum": [
+ "clueless",
+ "lazy",
+ "adventurous",
+ "aggressive"
+ ]
+ }
+ },
+ "required": [
+ "huntingSkill"
+ ]
+ }
+ ]
+ },
+ "Dog": {
+ "description": "A representation of a dog. Note that `Dog` will be used as the discriminator value.",
+ "allOf": [
+ {
+ "$ref": "#/components/schemas/Pet"
+ },
+ {
+ "type": "object",
+ "properties": {
+ "packSize": {
+ "type": "integer",
+ "format": "int32",
+ "description": "the size of the pack the dog is from",
+ "default": 0,
+ "minimum": 0
+ }
+ },
+ "required": [
+ "packSize"
+ ]
+ }
+ ]
+ }
+ }
+ }
+}
+
+components:
+ schemas:
+ Pet:
+ type: object
+ discriminator:
+ propertyName: petType
+ properties:
+ name:
+ type: string
+ petType:
+ type: string
+ required:
+ - name
+ - petType
+ Cat: ## "Cat" will be used as the discriminator value
+ description: A representation of a cat
+ allOf:
+ - $ref: '#/components/schemas/Pet'
+ - type: object
+ properties:
+ huntingSkill:
+ type: string
+ description: The measured skill for hunting
+ enum:
+ - clueless
+ - lazy
+ - adventurous
+ - aggressive
+ required:
+ - huntingSkill
+ Dog: ## "Dog" will be used as the discriminator value
+ description: A representation of a dog
+ allOf:
+ - $ref: '#/components/schemas/Pet'
+ - type: object
+ properties:
+ packSize:
+ type: integer
+ format: int32
+ description: the size of the pack the dog is from
+ default: 0
+ minimum: 0
+ required:
+ - packSize
+Discriminator Object
+discriminator object can be used to aid in serialization, deserialization, and validation. The discriminator is a specific object in a schema which is used to inform the consumer of the document of an alternative schema based on the value associated with it.Fixed Fields
+oneOf, anyOf, allOf.
+MyResponseType:
+ oneOf:
+ - $ref: '#/components/schemas/Cat'
+ - $ref: '#/components/schemas/Dog'
+ - $ref: '#/components/schemas/Lizard'
+Cat, Dog, or Lizard. In this case, a discriminator MAY act as a “hint” to shortcut validation and selection of the matching schema which may be a costly operation, depending on the complexity of the schema. We can then describe exactly which field tells us which schema to use:
+MyResponseType:
+ oneOf:
+ - $ref: '#/components/schemas/Cat'
+ - $ref: '#/components/schemas/Dog'
+ - $ref: '#/components/schemas/Lizard'
+ discriminator:
+ propertyName: petType
+petType MUST be present in the response payload, and the value will correspond to the name of a schema defined in the OAS document. Thus the response payload:
+{
+ "id": 12345,
+ "petType": "Cat"
+}
+Cat schema be used in conjunction with this payload.mapping definition MAY be used:
+MyResponseType:
+ oneOf:
+ - $ref: '#/components/schemas/Cat'
+ - $ref: '#/components/schemas/Dog'
+ - $ref: '#/components/schemas/Lizard'
+ - $ref: 'https://gigantic-server.com/schemas/Monster/schema.json'
+ discriminator:
+ propertyName: petType
+ mapping:
+ dog: '#/components/schemas/Dog'
+ monster: 'https://gigantic-server.com/schemas/Monster/schema.json'
+dog will map to the schema #/components/schemas/Dog, rather than the default (implicit) value of Dog. If the discriminator value does not match an implicit or explicit mapping, no schema can be determined and validation SHOULD fail. Mapping keys MUST be string values, but tooling MAY convert response values to strings for comparison.anyOf construct, the use of the discriminator can avoid ambiguity where multiple schemas may satisfy a single payload.oneOf and anyOf use cases, all possible schemas MUST be listed explicitly. To avoid redundancy, the discriminator MAY be added to a parent schema definition, and all schemas comprising the parent schema in an allOf construct may be used as an alternate schema.
+components:
+ schemas:
+ Pet:
+ type: object
+ required:
+ - petType
+ properties:
+ petType:
+ type: string
+ discriminator:
+ propertyName: petType
+ mapping:
+ dog: Dog
+ Cat:
+ allOf:
+ - $ref: '#/components/schemas/Pet'
+ - type: object
+ # all other properties specific to a `Cat`
+ properties:
+ name:
+ type: string
+ Dog:
+ allOf:
+ - $ref: '#/components/schemas/Pet'
+ - type: object
+ # all other properties specific to a `Dog`
+ properties:
+ bark:
+ type: string
+ Lizard:
+ allOf:
+ - $ref: '#/components/schemas/Pet'
+ - type: object
+ # all other properties specific to a `Lizard`
+ properties:
+ lovesRocks:
+ type: boolean
+
+{
+ "petType": "Cat",
+ "name": "misty"
+}
+Cat schema be used. Likewise this schema:
+{
+ "petType": "dog",
+ "bark": "soft"
+}
+Dog because of the definition in the mapping element.XML Object
+name property SHOULD be used to add that information.
+See examples for expected behavior.Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ name
+stringReplaces the name of the element/attribute used for the described schema property. When defined within
+items, it will affect the name of the individual XML elements within the list. When defined alongside type being array (outside the items), it will affect the wrapping element and only if wrapped is true. If wrapped is false, it will be ignored.
+
+ namespace
+stringThe URI of the namespace definition. This MUST be in the form of an absolute URI.
+
+
+ prefix
+stringThe prefix to be used for the name.
+
+
+ attribute
+booleanDeclares whether the property definition translates to an attribute instead of an element. Default value is
+false.
+
+
+ wrapped
+booleanMAY be used only for an array definition. Signifies whether the array is wrapped (for example,
+<books><book/><book/></books>) or unwrapped (<book/><book/>). Default value is false. The definition takes effect only when defined alongside type being array (outside the items).XML Object Examples
+No XML Element
+
+{
+ "animals": {
+ "type": "string"
+ }
+}
+
+animals:
+ type: string
+
+<animals>...</animals>
+wrapped is false by default):
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+
+<animals>...</animals>
+<animals>...</animals>
+<animals>...</animals>
+XML Name Replacement
+
+{
+ "animals": {
+ "type": "string",
+ "xml": {
+ "name": "animal"
+ }
+ }
+}
+
+animals:
+ type: string
+ xml:
+ name: animal
+
+<animal>...</animal>
+XML Attribute, Prefix and Namespace
+
+{
+ "Person": {
+ "type": "object",
+ "properties": {
+ "id": {
+ "type": "integer",
+ "format": "int32",
+ "xml": {
+ "attribute": true
+ }
+ },
+ "name": {
+ "type": "string",
+ "xml": {
+ "namespace": "https://example.com/schema/sample",
+ "prefix": "sample"
+ }
+ }
+ }
+ }
+}
+
+Person:
+ type: object
+ properties:
+ id:
+ type: integer
+ format: int32
+ xml:
+ attribute: true
+ name:
+ type: string
+ xml:
+ namespace: https://example.com/schema/sample
+ prefix: sample
+
+<Person id="123">
+ <sample:name xmlns:sample="https://example.com/schema/sample">example</sample:name>
+</Person>
+XML Arrays
+
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "xml": {
+ "name": "animal"
+ }
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ name: animal
+
+<animal>value</animal>
+<animal>value</animal>
+name property has no effect on the XML:
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "xml": {
+ "name": "animal"
+ }
+ },
+ "xml": {
+ "name": "aliens"
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ name: animal
+ xml:
+ name: aliens
+
+<animal>value</animal>
+<animal>value</animal>
+
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ },
+ "xml": {
+ "wrapped": true
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ wrapped: true
+
+<animals>
+ <animals>value</animals>
+ <animals>value</animals>
+</animals>
+
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "xml": {
+ "name": "animal"
+ }
+ },
+ "xml": {
+ "wrapped": true
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ name: animal
+ xml:
+ wrapped: true
+
+<animals>
+ <animal>value</animal>
+ <animal>value</animal>
+</animals>
+
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "xml": {
+ "name": "animal"
+ }
+ },
+ "xml": {
+ "name": "aliens",
+ "wrapped": true
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ name: animal
+ xml:
+ name: aliens
+ wrapped: true
+
+<aliens>
+ <animal>value</animal>
+ <animal>value</animal>
+</aliens>
+
+{
+ "animals": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ },
+ "xml": {
+ "name": "aliens",
+ "wrapped": true
+ }
+ }
+}
+
+animals:
+ type: array
+ items:
+ type: string
+ xml:
+ name: aliens
+ wrapped: true
+
+<aliens>
+ <aliens>value</aliens>
+ <aliens>value</aliens>
+</aliens>
+Security Scheme Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Applies To
+Description
+
+
+ type
+stringAny
+REQUIRED. The type of the security scheme. Valid values are
+"apiKey", "http", "mutualTLS", "oauth2", "openIdConnect".
+
+ description
+stringAny
+A description for security scheme. CommonMark syntax MAY be used for rich text representation.
+
+
+ name
+stringapiKeyREQUIRED. The name of the header, query or cookie parameter to be used.
+
+
+ in
+stringapiKeyREQUIRED. The location of the API key. Valid values are
+"query", "header" or "cookie".
+
+ scheme
+stringhttpREQUIRED. The name of the HTTP Authorization scheme to be used in the Authorization header as defined in [[!RFC7235]]. The values used SHOULD be registered in the IANA Authentication Scheme registry.
+
+
+ bearerFormat
+stringhttp ("bearer")A hint to the client to identify how the bearer token is formatted. Bearer tokens are usually generated by an authorization server, so this information is primarily for documentation purposes.
+
+
+ flows
+OAuth Flows Object
+oauth2REQUIRED. An object containing configuration information for the flow types supported.
+
+
+
+ openIdConnectUrl
+stringopenIdConnectREQUIRED. OpenId Connect URL to discover OAuth2 configuration values. This MUST be in the form of a URL. The OpenID Connect standard requires the use of TLS.
+Security Scheme Object Example
+Basic Authentication Sample
+
+{
+ "type": "http",
+ "scheme": "basic"
+}
+
+type: http
+scheme: basic
+API Key Sample
+
+{
+ "type": "apiKey",
+ "name": "api_key",
+ "in": "header"
+}
+
+type: apiKey
+name: api_key
+in: header
+JWT Bearer Sample
+
+{
+ "type": "http",
+ "scheme": "bearer",
+ "bearerFormat": "JWT",
+}
+
+type: http
+scheme: bearer
+bearerFormat: JWT
+Implicit OAuth2 Sample
+
+{
+ "type": "oauth2",
+ "flows": {
+ "implicit": {
+ "authorizationUrl": "https://example.com/api/oauth/dialog",
+ "scopes": {
+ "write:pets": "modify pets in your account",
+ "read:pets": "read your pets"
+ }
+ }
+ }
+}
+
+type: oauth2
+flows:
+ implicit:
+ authorizationUrl: https://example.com/api/oauth/dialog
+ scopes:
+ write:pets: modify pets in your account
+ read:pets: read your pets
+OAuth Flows Object
+Fixed Fields
+
+
+
+
+
+
+
+Field Name
+Type
+Description
+
+
+ implicit
+OAuth Flow Object
+Configuration for the OAuth Implicit flow
+
+
+ password
+OAuth Flow Object
+Configuration for the OAuth Resource Owner Password flow
+
+
+ clientCredentials
+OAuth Flow Object
+Configuration for the OAuth Client Credentials flow. Previously called
+application in OpenAPI 2.0.
+
+
+ authorizationCode
+OAuth Flow Object
+Configuration for the OAuth Authorization Code flow. Previously called
+accessCode in OpenAPI 2.0.OAuth Flow Object
+Fixed Fields
+OAuth Flow Object Examples
+
+{
+ "type": "oauth2",
+ "flows": {
+ "implicit": {
+ "authorizationUrl": "https://example.com/api/oauth/dialog",
+ "scopes": {
+ "write:pets": "modify pets in your account",
+ "read:pets": "read your pets"
+ }
+ },
+ "authorizationCode": {
+ "authorizationUrl": "https://example.com/api/oauth/dialog",
+ "tokenUrl": "https://example.com/api/oauth/token",
+ "scopes": {
+ "write:pets": "modify pets in your account",
+ "read:pets": "read your pets"
+ }
+ }
+ }
+}
+
+type: oauth2
+flows:
+ implicit:
+ authorizationUrl: https://example.com/api/oauth/dialog
+ scopes:
+ write:pets: modify pets in your account
+ read:pets: read your pets
+ authorizationCode:
+ authorizationUrl: https://example.com/api/oauth/dialog
+ tokenUrl: https://example.com/api/oauth/token
+ scopes:
+ write:pets: modify pets in your account
+ read:pets: read your pets
+Security Requirement Object
+Patterned Fields
+
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ {name}
+[
+string]Each name MUST correspond to a security scheme which is declared in the Security Schemes under the Components Object. If the security scheme is of type
+"oauth2" or "openIdConnect", then the value is a list of scope names required for the execution, and the list MAY be empty if authorization does not require a specified scope. For other security scheme types, the array MAY contain a list of role names which are required for the execution, but are not otherwise defined or exchanged in-band.Security Requirement Object Examples
+Non-OAuth2 Security Requirement
+
+{
+ "api_key": []
+}
+
+api_key: []
+OAuth2 Security Requirement
+
+{
+ "petstore_auth": [
+ "write:pets",
+ "read:pets"
+ ]
+}
+
+petstore_auth:
+- write:pets
+- read:pets
+Optional OAuth2 Security
+
+{
+ "security": [
+ {},
+ {
+ "petstore_auth": [
+ "write:pets",
+ "read:pets"
+ ]
+ }
+ ]
+}
+
+security:
+ - {}
+ - petstore_auth:
+ - write:pets
+ - read:pets
+Specification Extensions
+"x-".
+
+
+
+
+
+
+Field Pattern
+Type
+Description
+
+
+
+ ^x-
+Any
+Allows extensions to the OpenAPI Schema. The field name MUST begin with
+x-, for example, x-internal-id. Field names beginning x-oai- and x-oas- are reserved for uses defined by the OpenAPI Initiative. The value can be null, a primitive, an array or an object.Security Filtering
+
+
+Appendix A: Revision History
+
+
+
+
diff --git a/docs/registries/_alternative-schema/jsonSchema.md b/docs/registries/_alternative-schema/jsonSchema.md
new file mode 100644
index 0000000000..ba6858e107
--- /dev/null
+++ b/docs/registries/_alternative-schema/jsonSchema.md
@@ -0,0 +1,12 @@
+---
+owner: darrelmiller
+issue: 1532
+description: JSON Schema
+layout: default
+---
+
+{% capture summary %}
+The `{{ page.slug }}` `alternativeSchema` `type` refers to [JSON Schema](http://json-schema.org/) in any version.
+{% endcapture %}
+
+{% include alternative-schema-entry.md summary=summary %}
diff --git a/docs/registries/_alternative-schema/xmlSchema.md b/docs/registries/_alternative-schema/xmlSchema.md
new file mode 100644
index 0000000000..b833244f04
--- /dev/null
+++ b/docs/registries/_alternative-schema/xmlSchema.md
@@ -0,0 +1,12 @@
+---
+owner: darrelmiller
+issue: 1532
+description: xml Schema
+layout: default
+---
+
+{% capture summary %}
+The `{{ page.slug }}` `alternativeSchema` `type` refers to [xml Schema](https://www.w3.org/XML/Schema) in any version.
+{% endcapture %}
+
+{% include alternative-schema-entry.md summary=summary %}
diff --git a/docs/registries/_draft-feature/alternativeSchema.md b/docs/registries/_draft-feature/alternativeSchema.md
new file mode 100644
index 0000000000..01147f2b40
--- /dev/null
+++ b/docs/registries/_draft-feature/alternativeSchema.md
@@ -0,0 +1,33 @@
+---
+owner: darrelmiller
+issue: 1532
+description: x-oas-draft-alternativeSchema
+
+layout: default
+---
+
+# {{ page.collection }}
+
+## {{ page.slug }} - {{ page.description }}
+
+#### Media Type Object
+
+
+##### Fixed Fields
+
+Field Name | Type | Description
+---|:---:|---
+alternativeSchemas | [[alternative Schema Object](#alternativeSchemaObject)] | List of alternative schemas. These schemas can be used in addition to, or as an alternative to any existing `schema` property. If both OAS Schema and alternative schemas are present then both the OAS schema and one of the alternative schemas SHOULD be respected. Alternative schemas MUST be processed in order. It is sufficient for tooling to process just the first alternative schema they are capable of processing in order to consider the content as valid. If tooling cannot process any alternative schemas, then they MAY issue a warning, but MUST not report the OpenAPI description as invalid.
+
+#### Alternative Schema Object
+
+This object makes it possible to reference an external file that contains a schema that does not follow the OAS specification.
+
+##### Fixed Fields
+
+| Field Name | Type | Description |
+|---|:---:|---|
+type | `string` | **REQUIRED**. The value MUST match one of the values identified in the alternative Schema Registry name of the tag.
+externalValue | `url` | **REQUIRED**. This is a absolute or relative reference to an external file containing a schema of a known type.
+
+This object MAY be extended with [Specification Extensions](#specificationExtensions).
diff --git a/docs/registries/_extension/x-twitter.md b/docs/registries/_extension/x-twitter.md
new file mode 100644
index 0000000000..6fe0ea333c
--- /dev/null
+++ b/docs/registries/_extension/x-twitter.md
@@ -0,0 +1,30 @@
+---
+owner: MikeRalphson
+issue:
+description: Used to hold a reference to the API provider's Twitter account.
+schema:
+ type: string
+objects: [ "contactObject" ]
+layout: default
+---
+
+{% capture summary %}
+The `x-twitter` extension is used to hold a reference to the API provider's Twitter account. It can appear as a property in the following objects: `{{page.objects|jsonify}}`.
+{% endcapture %}
+
+{% capture example %}
+```yaml
+openapi: 3.0.0
+info:
+ title: My API
+ version: 1.0.0
+ contact:
+ x-twitter: APIs-guru
+```
+
+Used by: (informational)
+
+* APIs.guru
+{% endcapture %}
+
+{% include extension-entry.md summary=summary example=example %}
diff --git a/docs/registries/_format/base64url.md b/docs/registries/_format/base64url.md
new file mode 100644
index 0000000000..eac3e8ec22
--- /dev/null
+++ b/docs/registries/_format/base64url.md
@@ -0,0 +1,15 @@
+---
+owner: baywet
+issue:
+description: Binary data encoded as a url-safe string as defined in [RFC4648](https://www.rfc-editor.org/rfc/rfc4648#section-5)
+base_type: string
+layout: default
+deprecated_note: '3.1'
+remarks: "When using OpenAPI 3.1 it's recommended not to use this format and instead use [`contentEncoding` with a value of `base64url`](https://json-schema.org/draft/2020-12/json-schema-validation.html#name-contentencoding)."
+---
+
+{% capture summary %}
+The `{{page.slug}}` format is binary data encoded as a url-safe string as defined in [RFC4648](https://www.rfc-editor.org/rfc/rfc4648#section-5).
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
diff --git a/docs/registries/_format/binary.md b/docs/registries/_format/binary.md
new file mode 100644
index 0000000000..6b77446759
--- /dev/null
+++ b/docs/registries/_format/binary.md
@@ -0,0 +1,17 @@
+---
+owner: DarrelMiller
+issue:
+description: any sequence of octets
+base_type: string
+layout: default
+deprecated_note: '3.1'
+remarks: "In OpenAPI 3.1, instead set the media type appropriately and do not use a schema property. Note that only complete HTTP message bodies or complete parts in a multipart media type can accommodate binary data. JSON strings and URL path components cannot."
+source: https://spec.openapis.org/oas/v3.0.3.html#data-types
+source_label: OAS
+---
+
+{% capture summary %}
+The `{{page.slug}}` format represents any sequence of octets. This format entry is to ensure future versions of OpenAPI maintain compatibility with [OpenAPI 3.0.x](https://spec.openapis.org/oas/v3.0.0).
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
diff --git a/docs/registries/_format/byte.md b/docs/registries/_format/byte.md
new file mode 100644
index 0000000000..920c65ce2c
--- /dev/null
+++ b/docs/registries/_format/byte.md
@@ -0,0 +1,17 @@
+---
+owner: DarrelMiller
+issue:
+description: base64 encoded data as defined in [RFC4648](https://www.rfc-editor.org/rfc/rfc4648#section-4)
+base_type: string
+layout: default
+deprecated_note: '3.1'
+remarks: "In OpenAPI 3.1, instead use [`contentEncoding: base64`](https://json-schema.org/draft/2020-12/json-schema-validation.html#name-contentencoding), optionally alongside [contentMediaType](https://json-schema.org/draft/2020-12/json-schema-validation.html#name-contentmediatype)."
+source: https://spec.openapis.org/oas/v3.0.3.html#data-types
+source_label: OAS
+---
+
+{% capture summary %}
+The `{{page.slug}}` format represents any sequence of octets encoded as a base64 string as defined in [RFC4648](https://www.rfc-editor.org/rfc/rfc4648#section-4). This format entry is to ensure future versions of OpenAPI maintain compatibility with [OpenAPI 3.0.x](https://spec.openapis.org/oas/v3.0.0).
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
diff --git a/docs/registries/_format/char.md b/docs/registries/_format/char.md
new file mode 100644
index 0000000000..a475303718
--- /dev/null
+++ b/docs/registries/_format/char.md
@@ -0,0 +1,13 @@
+---
+owner: baywet
+issue:
+description: A single character
+base_type: string
+layout: default
+---
+
+{% capture summary %}
+The `{{page.slug}}` format is a single character.
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
diff --git a/docs/registries/_format/commonmark.md b/docs/registries/_format/commonmark.md
new file mode 100644
index 0000000000..1e0adc0f26
--- /dev/null
+++ b/docs/registries/_format/commonmark.md
@@ -0,0 +1,15 @@
+---
+owner: MikeRalphson
+description: commonmark-formatted text
+base_type: string
+issue:
+layout: default
+source: https://spec.openapis.org/oas/latest.html#data-types
+source_label: OAS
+---
+
+{% capture summary %}
+The `{{page.slug}}` format represents [CommonMark](https://commonmark.org/) formatted text.
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
diff --git a/docs/registries/_format/date-time.md b/docs/registries/_format/date-time.md
new file mode 100644
index 0000000000..8c4aeb43ce
--- /dev/null
+++ b/docs/registries/_format/date-time.md
@@ -0,0 +1,15 @@
+---
+owner: DarrelMiller
+issue:
+description: date and time as defined by date-time - [RFC3339](https://www.rfc-editor.org/rfc/rfc3339#section-5.6)
+base_type: string
+layout: default
+source_label: JSON Schema
+source: https://json-schema.org/draft/2020-12/json-schema-validation.html#name-dates-times-and-duration
+---
+
+{% capture summary %}
+The `{{page.slug}}` format represents a date and time as defined by date-time - [RFC3339](https://www.rfc-editor.org/rfc/rfc3339#section-5.6). This format entry is to ensure future versions of OpenAPI maintain compatibility with [OpenAPI 3.0.x](https://spec.openapis.org/oas/v3.0.0).
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
diff --git a/docs/registries/_format/date.md b/docs/registries/_format/date.md
new file mode 100644
index 0000000000..7d9fc70533
--- /dev/null
+++ b/docs/registries/_format/date.md
@@ -0,0 +1,15 @@
+---
+owner: DarrelMiller
+issue:
+description: date as defined by full-date - [RFC3339](https://www.rfc-editor.org/rfc/rfc3339#section-5.6)
+base_type: string
+layout: default
+source_label: JSON Schema
+source: https://json-schema.org/draft/2020-12/json-schema-validation.html#name-dates-times-and-duration
+---
+
+{% capture summary %}
+The `{{page.slug}}` format represents a date as defined by full-date - [RFC3339](https://www.rfc-editor.org/rfc/rfc3339#section-5.6). This format entry is to ensure future versions of OpenAPI maintain compatibility with [OpenAPI 3.0.x](https://spec.openapis.org/oas/v3.0.0).
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
diff --git a/docs/registries/_format/decimal.md b/docs/registries/_format/decimal.md
new file mode 100644
index 0000000000..6dbcb1b723
--- /dev/null
+++ b/docs/registries/_format/decimal.md
@@ -0,0 +1,14 @@
+---
+owner: baywet
+issue: 889
+description: A fixed point decimal number of unspecified precision and range
+base_type: [string, number]
+layout: default
+remarks: This format is used in a variety of conflicting ways and is not interoperable.
+---
+
+{% capture summary %}
+The `{{page.slug}}` format represents a fixed point decimal number of unspecified precision and range.
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
diff --git a/docs/registries/_format/decimal128.md b/docs/registries/_format/decimal128.md
new file mode 100644
index 0000000000..da2d806535
--- /dev/null
+++ b/docs/registries/_format/decimal128.md
@@ -0,0 +1,17 @@
+---
+owner:
+issue:
+description: A decimal floating-point number with 34 significant decimal digits
+base_type: [string, number]
+layout: default
+---
+
+{% capture summary %}
+The `{{page.slug}}` format represents a [128-bit decimal floating-point number](https://en.wikipedia.org/wiki/Decimal128_floating-point_format) as defined by IEEE 754 2008 and ISO/IEC/IEEE 60559:2011.
+
+Representation as a JSON string is preferred as this avoids problems with recipients that parse JSON numbers into [binary64](https://en.wikipedia.org/wiki/Double-precision_floating-point_format) memory representation.
+
+String representation allows expressing the special values `NaN`, `-INF`, and `INF` that cannot be expressed as JSON numbers.
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
diff --git a/docs/registries/_format/double-int.md b/docs/registries/_format/double-int.md
new file mode 100644
index 0000000000..87a821f708
--- /dev/null
+++ b/docs/registries/_format/double-int.md
@@ -0,0 +1,15 @@
+---
+owner: mikekistler
+issue:
+description: an integer that can be stored in an IEEE 754 double-precision number without loss of precision
+base_type: integer
+layout: default
+---
+
+{% capture summary %}
+The `{{page.slug}}` format represents an integer that can be stored in an IEEE 754 double-precision number without loss of precision. The range of values is -(253)+1 to (253)-1.
+
+This format is useful for systems that need to support languages (such as JavaScript) that store all numeric values as IEEE 754 double-precision numbers.
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
diff --git a/docs/registries/_format/double.md b/docs/registries/_format/double.md
new file mode 100644
index 0000000000..15336c4701
--- /dev/null
+++ b/docs/registries/_format/double.md
@@ -0,0 +1,15 @@
+---
+owner: DarrelMiller
+issue:
+description: double precision floating point number
+base_type: number
+layout: default
+source: https://spec.openapis.org/oas/latest.html#data-types
+source_label: OAS
+---
+
+{% capture summary %}
+The `{{page.slug}}` format represents a double precision (64bit) floating point number as defined by [IEEE Std 754-2019](https://ieeexplore.ieee.org/document/8766229). This format entry is to ensure future versions of OpenAPI maintain compatibility with [OpenAPI 3.0.x](https://spec.openapis.org/oas/v3.0.0).
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
diff --git a/docs/registries/_format/duration.md b/docs/registries/_format/duration.md
new file mode 100644
index 0000000000..9240ade90b
--- /dev/null
+++ b/docs/registries/_format/duration.md
@@ -0,0 +1,16 @@
+---
+owner: baywet
+issue:
+description: duration as defined by duration - RFC3339
+base_type: string
+layout: default
+source_label: JSON Schema
+source: https://json-schema.org/draft/2020-12/json-schema-validation.html#name-dates-times-and-duration
+---
+
+{% capture summary %}
+The `{{page.slug}}` format represents a duration as defined by duration - [RFC3339](https://www.rfc-editor.org/rfc/rfc3339.html#appendix-A).
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
+
diff --git a/docs/registries/_format/email.md b/docs/registries/_format/email.md
new file mode 100644
index 0000000000..995943ee4b
--- /dev/null
+++ b/docs/registries/_format/email.md
@@ -0,0 +1,15 @@
+---
+owner: baywet
+issue:
+description: An email address as defined as Mailbox in RFC5321
+base_type: string
+layout: default
+source_label: JSON Schema
+source: https://json-schema.org/draft/2020-12/json-schema-validation.html#name-email-addresses
+---
+
+{% capture summary %}
+The `{{page.slug}}` format is an email address as defined as Mailbox in [RFC5321](https://www.rfc-editor.org/rfc/rfc5321).
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
diff --git a/docs/registries/_format/float.md b/docs/registries/_format/float.md
new file mode 100644
index 0000000000..c2f845500b
--- /dev/null
+++ b/docs/registries/_format/float.md
@@ -0,0 +1,15 @@
+---
+owner: DarrelMiller
+issue:
+description: single precision floating point number
+base_type: number
+layout: default
+source: https://spec.openapis.org/oas/latest.html#data-types
+source_label: OAS
+---
+
+{% capture summary %}
+The `{{page.slug}}` format represents a single precision (32bit) floating point number as defined by [IEEE Std 754-2019](https://ieeexplore.ieee.org/document/8766229). This format entry is to ensure future versions of OpenAPI maintain compatibility with [OpenAPI 3.0.x](https://spec.openapis.org/oas/v3.0.0).
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
diff --git a/docs/registries/_format/hostname.md b/docs/registries/_format/hostname.md
new file mode 100644
index 0000000000..24fa8d7940
--- /dev/null
+++ b/docs/registries/_format/hostname.md
@@ -0,0 +1,15 @@
+---
+owner: baywet
+issue:
+description: A host name as defined by RFC1123
+base_type: string
+layout: default
+source_label: JSON Schema
+source: https://json-schema.org/draft/2020-12/json-schema-validation.html#name-hostnames
+---
+
+{% capture summary %}
+The `{{page.slug}}` format is a host name as defined by [RFC1123](https://www.rfc-editor.org/info/rfc1123).
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
diff --git a/docs/registries/_format/html.md b/docs/registries/_format/html.md
new file mode 100644
index 0000000000..51f7c1999f
--- /dev/null
+++ b/docs/registries/_format/html.md
@@ -0,0 +1,15 @@
+---
+owner: MikeRalphson
+description: HTML-formatted text
+base_type: string
+issue:
+layout: default
+source: https://spec.openapis.org/oas/latest.html#data-types
+source_label: OAS
+---
+
+{% capture summary %}
+The `{{page.slug}}` format represents HTML-formatted text.
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
diff --git a/docs/registries/_format/http-date.md b/docs/registries/_format/http-date.md
new file mode 100644
index 0000000000..303332a0ea
--- /dev/null
+++ b/docs/registries/_format/http-date.md
@@ -0,0 +1,17 @@
+---
+owner: mikekistler
+issue:
+description: date and time as defined by HTTP-date - [RFC7231](https://datatracker.ietf.org/doc/html/rfc7231#section-7.1.1.1)
+base_type: string
+layout: default
+---
+
+{% capture summary %}
+The `{{page.slug}}` format represents a date and time as defined by HTTP-date - [RFC7231](https://datatracker.ietf.org/doc/html/rfc7231#section-7.1.1.1).
+
+Example: "Sun, 06 Nov 1994 08:49:37 GMT"
+
+This is the format for dates passed in HTTP headers.
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
diff --git a/docs/registries/_format/idn-email.md b/docs/registries/_format/idn-email.md
new file mode 100644
index 0000000000..622046e718
--- /dev/null
+++ b/docs/registries/_format/idn-email.md
@@ -0,0 +1,15 @@
+---
+owner: baywet
+issue:
+description: An email address as defined as Mailbox in RFC6531
+base_type: string
+layout: default
+source_label: JSON Schema
+source: https://json-schema.org/draft/2020-12/json-schema-validation.html#name-email-addresses
+---
+
+{% capture summary %}
+The `{{page.slug}}` format is an email address as defined as Mailbox in [RFC6531](https://www.rfc-editor.org/rfc/rfc6531).
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
diff --git a/docs/registries/_format/idn-hostname.md b/docs/registries/_format/idn-hostname.md
new file mode 100644
index 0000000000..5f2c7dcee0
--- /dev/null
+++ b/docs/registries/_format/idn-hostname.md
@@ -0,0 +1,15 @@
+---
+owner: baywet
+issue:
+description: An internationalized host name as defined by RFC5890
+base_type: string
+layout: default
+source_label: JSON Schema
+source: https://json-schema.org/draft/2020-12/json-schema-validation.html#name-hostnames
+---
+
+{% capture summary %}
+The `{{page.slug}}` format is an internationalized host name as defined by [RFC5890](https://www.rfc-editor.org/rfc/rfc5890.html).
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
diff --git a/docs/registries/_format/int16.md b/docs/registries/_format/int16.md
new file mode 100644
index 0000000000..203f5104fe
--- /dev/null
+++ b/docs/registries/_format/int16.md
@@ -0,0 +1,13 @@
+---
+owner: DarrelMiller
+issue:
+description: signed 16-bit integer
+base_type: number
+layout: default
+---
+
+{% capture summary %}
+The `{{page.slug}}` format represents a signed 16-bit integer, with the range -32768 through +32767.
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
diff --git a/docs/registries/_format/int32.md b/docs/registries/_format/int32.md
new file mode 100644
index 0000000000..135b568201
--- /dev/null
+++ b/docs/registries/_format/int32.md
@@ -0,0 +1,15 @@
+---
+owner: DarrelMiller
+issue:
+description: signed 32-bit integer
+base_type: number
+layout: default
+source: https://spec.openapis.org/oas/latest.html#data-types
+source_label: OAS
+---
+
+{% capture summary %}
+The `{{page.slug}}` format represents a signed 32-bit integer, with the range −2,147,483,648 through 2,147,483,647. This format entry is to ensure future versions of OpenAPI maintain compatibility with [OpenAPI 3.0.x](https://spec.openapis.org/oas/v3.0.0).
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
diff --git a/docs/registries/_format/int64.md b/docs/registries/_format/int64.md
new file mode 100644
index 0000000000..e21d32a155
--- /dev/null
+++ b/docs/registries/_format/int64.md
@@ -0,0 +1,17 @@
+---
+owner: DarrelMiller
+issue:
+description: signed 64-bit integer
+base_type: [number, string]
+layout: default
+source: https://spec.openapis.org/oas/latest.html#data-types
+source_label: OAS
+---
+
+{% capture summary %}
+The `{{page.slug}}` format represents a signed 64-bit integer, with the range -9223372036854775808 through 9223372036854775807. This format entry is to ensure future versions of OpenAPI maintain compatibility with [OpenAPI 3.0.x](https://spec.openapis.org/oas/v3.0.0).
+
+Representation as a JSON string is recommended for values outside the 53-bit range (-9007199254740991 through 9007199254740991) as this avoids problems with recipients that parse JSON numbers into [binary64](https://en.wikipedia.org/wiki/Double-precision_floating-point_format) memory representation.
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
diff --git a/docs/registries/_format/int8.md b/docs/registries/_format/int8.md
new file mode 100644
index 0000000000..c02618917a
--- /dev/null
+++ b/docs/registries/_format/int8.md
@@ -0,0 +1,15 @@
+---
+owner: MikeRalphson
+issue: 845
+description: signed 8-bit integer
+base_type: number
+layout: default
+source: https://spec.openapis.org/oas/latest.html#data-types
+source_label: OAS
+---
+
+{% capture summary %}
+The `{{page.slug}}` format represents a signed 8-bit integer, with the range -128 to 127.
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
diff --git a/docs/registries/_format/ipv4.md b/docs/registries/_format/ipv4.md
new file mode 100644
index 0000000000..19463a9ee3
--- /dev/null
+++ b/docs/registries/_format/ipv4.md
@@ -0,0 +1,15 @@
+---
+owner: baywet
+issue:
+description: An IPv4 address as defined as dotted-quad by RFC2673
+base_type: string
+layout: default
+source_label: JSON Schema
+source: https://json-schema.org/draft/2020-12/json-schema-validation.html#name-ip-addresses
+---
+
+{% capture summary %}
+The `{{page.slug}}` format is an IPv4 address as defined as dotted-quad by [RFC2673](https://www.rfc-editor.org/info/rfc2673).
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
diff --git a/docs/registries/_format/ipv6.md b/docs/registries/_format/ipv6.md
new file mode 100644
index 0000000000..11ce1f1679
--- /dev/null
+++ b/docs/registries/_format/ipv6.md
@@ -0,0 +1,15 @@
+---
+owner: baywet
+issue:
+description: An IPv6 address as defined by RFC4673
+base_type: string
+layout: default
+source_label: JSON Schema
+source: https://json-schema.org/draft/2020-12/json-schema-validation.html#name-ip-addresses
+---
+
+{% capture summary %}
+The `{{page.slug}}` format is an IPv6 address as defined by [RFC4291](https://www.rfc-editor.org/info/rfc4291).
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
diff --git a/docs/registries/_format/iri-reference.md b/docs/registries/_format/iri-reference.md
new file mode 100644
index 0000000000..ae76e46da0
--- /dev/null
+++ b/docs/registries/_format/iri-reference.md
@@ -0,0 +1,15 @@
+---
+owner: baywet
+issue:
+description: A Internationalized Resource Identifier as defined in RFC3987
+base_type: string
+layout: default
+source_label: JSON Schema
+source: https://json-schema.org/draft/2020-12/json-schema-validation.html#name-resource-identifiers
+---
+
+{% capture summary %}
+The `{{page.slug}}` format is a Internationalized Resource Identifier as defined in [RFC3987](https://www.rfc-editor.org/info/rfc3987).
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
diff --git a/docs/registries/_format/iri.md b/docs/registries/_format/iri.md
new file mode 100644
index 0000000000..ae76e46da0
--- /dev/null
+++ b/docs/registries/_format/iri.md
@@ -0,0 +1,15 @@
+---
+owner: baywet
+issue:
+description: A Internationalized Resource Identifier as defined in RFC3987
+base_type: string
+layout: default
+source_label: JSON Schema
+source: https://json-schema.org/draft/2020-12/json-schema-validation.html#name-resource-identifiers
+---
+
+{% capture summary %}
+The `{{page.slug}}` format is a Internationalized Resource Identifier as defined in [RFC3987](https://www.rfc-editor.org/info/rfc3987).
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
diff --git a/docs/registries/_format/json-pointer.md b/docs/registries/_format/json-pointer.md
new file mode 100644
index 0000000000..5803c2d9e3
--- /dev/null
+++ b/docs/registries/_format/json-pointer.md
@@ -0,0 +1,15 @@
+---
+owner: baywet
+issue:
+description: A JSON string representation of a JSON Pointer as defined in RFC6901
+base_type: string
+layout: default
+source_label: JSON Schema
+source: https://json-schema.org/draft/2020-12/json-schema-validation.html#name-json-pointers
+---
+
+{% capture summary %}
+The `{{page.slug}}` format is a JSON string representation of a JSON Pointer as defined in [RFC6901](https://www.rfc-editor.org/info/rfc6901).
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
diff --git a/docs/registries/_format/media-range.md b/docs/registries/_format/media-range.md
new file mode 100644
index 0000000000..7e3f404078
--- /dev/null
+++ b/docs/registries/_format/media-range.md
@@ -0,0 +1,16 @@
+---
+owner: jdesrosiers
+issue:
+description: A media type as defined by the `media-range` ABNF production in RFC9110.
+base_type: string
+layout: default
+source_label: OpenAPI
+source: https://www.rfc-editor.org/rfc/rfc9110#field.accept
+---
+
+{% capture summary %}
+The `{{page.slug}}` format is a media type as defined by the `media-range` ABNF
+production in [RFC9110](https://www.rfc-editor.org/rfc/rfc9110).
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
diff --git a/docs/registries/_format/password.md b/docs/registries/_format/password.md
new file mode 100644
index 0000000000..c3bdcbc04b
--- /dev/null
+++ b/docs/registries/_format/password.md
@@ -0,0 +1,15 @@
+---
+owner: baywet
+issue:
+description: a string that hints to obscure the value.
+base_type: string
+layout: default
+source: https://spec.openapis.org/oas/latest.html#data-types
+source_label: OAS
+---
+
+{% capture summary %}
+The `{{page.slug}}` format is a string that hints to obscure the value.
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
diff --git a/docs/registries/_format/regex.md b/docs/registries/_format/regex.md
new file mode 100644
index 0000000000..c5adf6d9ce
--- /dev/null
+++ b/docs/registries/_format/regex.md
@@ -0,0 +1,15 @@
+---
+owner: baywet
+issue:
+description: A regular expression as defined in ECMA-262
+base_type: string
+layout: default
+source_label: JSON Schema
+source: https://json-schema.org/draft/2020-12/json-schema-validation.html#name-regex
+---
+
+{% capture summary %}
+The `{{page.slug}}` format is a regular expression as defined in ECMA-262.
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
diff --git a/docs/registries/_format/relative-json-pointer.md b/docs/registries/_format/relative-json-pointer.md
new file mode 100644
index 0000000000..d771b21a82
--- /dev/null
+++ b/docs/registries/_format/relative-json-pointer.md
@@ -0,0 +1,17 @@
+---
+owner: baywet
+issue:
+description: A JSON string representation of a relative JSON Pointer as defined in draft RFC 01
+base_type: string
+layout: default
+source_label: JSON Schema
+source: https://json-schema.org/draft/2020-12/json-schema-validation.html#name-json-pointers
+---
+
+{% capture summary %}
+The `{{page.slug}}` format is a JSON string representation of a relative JSON Pointer as defined in draft RFC 01.
+
+[Relative JSON pointers draft RFC 01](https://datatracker.ietf.org/doc/html/draft-handrews-relative-json-pointer-01).
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
diff --git a/docs/registries/_format/sf-binary.md b/docs/registries/_format/sf-binary.md
new file mode 100644
index 0000000000..8c9ba10804
--- /dev/null
+++ b/docs/registries/_format/sf-binary.md
@@ -0,0 +1,27 @@
+---
+owner: mikekistler
+issue:
+description: structured fields byte sequence as defined in [RFC8941]
+source: https://www.rfc-editor.org/rfc/rfc8941#name-byte-sequences
+source_label: RFC 8941
+base_type: string
+layout: default
+---
+
+{% capture summary %}
+The `{{page.slug}}` format represents a structured fields byte sequence as defined in [RFC8941].
+
+```abnf
+sf-binary = ":" *(base64) ":"
+base64 = ALPHA / DIGIT / "+" / "/" / "="
+```
+
+A Byte Sequence is delimited with colons and encoded using base64 ([RFC4648], Section 4).
+
+This format is appropriate for a header value that must conform to the {{page.slug}} structured field definition.
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
+
+[RFC8941]: https://www.rfc-editor.org/rfc/rfc8941#name-byte-sequences
+[RFC4648]: https://www.rfc-editor.org/rfc/rfc4648#section-4
diff --git a/docs/registries/_format/sf-boolean.md b/docs/registries/_format/sf-boolean.md
new file mode 100644
index 0000000000..4a2681bd08
--- /dev/null
+++ b/docs/registries/_format/sf-boolean.md
@@ -0,0 +1,26 @@
+---
+owner: mikekistler
+issue:
+description: structured fields boolean as defined in [RFC8941]
+source: https://www.rfc-editor.org/rfc/rfc8941#name-booleans
+source_label: RFC 8941
+base_type: string
+layout: default
+---
+
+{% capture summary %}
+The `{{page.slug}}` format represents a structured fields boolean as defined in [RFC8941].
+
+```abnf
+sf-boolean = "?" boolean
+boolean = "0" / "1"
+```
+
+A Boolean is indicated with a leading "?" character followed by a "1" for a true value or "0" for false.
+
+This format is appropriate for a header value that must conform to the {{page.slug}} structured field definition.
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
+
+[RFC8941]: https://www.rfc-editor.org/rfc/rfc8941#name-booleans
diff --git a/docs/registries/_format/sf-decimal.md b/docs/registries/_format/sf-decimal.md
new file mode 100644
index 0000000000..083c55adec
--- /dev/null
+++ b/docs/registries/_format/sf-decimal.md
@@ -0,0 +1,26 @@
+---
+owner: mikekistler
+issue:
+description: structured fields decimal as defined in [RFC8941]
+source: https://www.rfc-editor.org/rfc/rfc8941#name-decimals
+source_label: RFC 8941
+base_type: number
+layout: default
+---
+
+{% capture summary %}
+The `{{page.slug}}` format represents a structured fields decimal as defined in [RFC8941].
+
+```abnf
+sf-decimal = ["-"] 1*12DIGIT "." 1*3DIGIT
+```
+
+Decimals are numbers with an integer and a fractional component.
+The integer component has at most 12 digits; the fractional component has at most three digits.
+
+This format is appropriate for a header value that must conform to the {{page.slug}} structured field definition.
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
+
+[RFC8941]: https://www.rfc-editor.org/rfc/rfc8941#name-decimals
diff --git a/docs/registries/_format/sf-integer.md b/docs/registries/_format/sf-integer.md
new file mode 100644
index 0000000000..8edc872cee
--- /dev/null
+++ b/docs/registries/_format/sf-integer.md
@@ -0,0 +1,27 @@
+---
+owner: mikekistler
+issue:
+description: structured fields integer as defined in [RFC8941]
+source: https://www.rfc-editor.org/rfc/rfc8941#name-integers
+source_label: RFC 8941
+base_type: [integer, number]
+layout: default
+---
+
+{% capture summary %}
+The `{{page.slug}}` format represents a structured fields integer as defined in [RFC8941].
+
+```abnf
+sf-integer = ["-"] 1*15DIGIT
+```
+
+Integers have a range of -999,999,999,999,999 to 999,999,999,999,999 inclusive (i.e., up to fifteen digits, signed),
+for IEEE 754 compatibility [IEEE754].
+
+This format is appropriate for a header value that must conform to the {{page.slug}} structured field definition.
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
+
+[RFC8941]: https://www.rfc-editor.org/rfc/rfc8941#name-integers
+[IEEE754]: https://ieeexplore.ieee.org/document/8766229
diff --git a/docs/registries/_format/sf-string.md b/docs/registries/_format/sf-string.md
new file mode 100644
index 0000000000..e016bb1650
--- /dev/null
+++ b/docs/registries/_format/sf-string.md
@@ -0,0 +1,31 @@
+---
+owner: mikekistler
+issue:
+description: structured fields string as defined in [RFC8941]
+source: https://www.rfc-editor.org/rfc/rfc8941#name-strings
+source_label: RFC 8941
+base_type: string
+layout: default
+---
+
+{% capture summary %}
+The `{{page.slug}}` format represents a structured fields string as defined in [RFC8941].
+
+```abnf
+sf-string = DQUOTE *chr DQUOTE
+chr = unescaped / escaped
+unescaped = %x20-21 / %x23-5B / %x5D-7E
+escaped = "\" ( DQUOTE / "\" )
+```
+
+Strings are zero or more printable ASCII [RFC0020] characters (i.e., the range %x20 to %x7E).
+Note that this excludes tabs, newlines, carriage returns, etc.
+
+Strings are delimited with double quotes, using a backslash ("\") to escape double quotes and backslashes.
+
+This format is appropriate for a header value that must conform to the {{page.slug}} structured field definition.
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
+
+[RFC8941]: https://www.rfc-editor.org/rfc/rfc8941#name-strings
diff --git a/docs/registries/_format/sf-token.md b/docs/registries/_format/sf-token.md
new file mode 100644
index 0000000000..b022a03789
--- /dev/null
+++ b/docs/registries/_format/sf-token.md
@@ -0,0 +1,25 @@
+---
+owner: mikekistler
+issue:
+description: structured fields token as defined in [RFC8941]
+source: https://www.rfc-editor.org/rfc/rfc8941#name-tokens
+source_label: RFC 8941
+base_type: string
+layout: default
+---
+
+{% capture summary %}
+The `{{page.slug}}` format represents a structured fields token as defined in [RFC8941].
+
+```abnf
+sf-token = ( ALPHA / "*" ) *( tchar / ":" / "/" )
+```
+
+Tokens are short textual words; their abstract model is identical to their expression in the HTTP field value serialization.
+
+This format is appropriate for a header value that must conform to the {{page.slug}} structured field definition.
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
+
+[RFC8941]: https://www.rfc-editor.org/rfc/rfc8941#name-tokens
diff --git a/docs/registries/_format/time.md b/docs/registries/_format/time.md
new file mode 100644
index 0000000000..bc96e6b1e0
--- /dev/null
+++ b/docs/registries/_format/time.md
@@ -0,0 +1,15 @@
+---
+owner: baywet
+issue:
+description: time as defined by full-time - RFC3339
+base_type: string
+layout: default
+source_label: JSON Schema
+source: https://json-schema.org/draft/2020-12/json-schema-validation.html#name-dates-times-and-duration
+---
+
+{% capture summary %}
+The `{{page.slug}}` format represents a time as defined by full-time - [RFC3339](https://www.rfc-editor.org/rfc/rfc3339.html#section-5.6).
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
diff --git a/docs/registries/_format/uint8.md b/docs/registries/_format/uint8.md
new file mode 100644
index 0000000000..9f63ffc0d7
--- /dev/null
+++ b/docs/registries/_format/uint8.md
@@ -0,0 +1,15 @@
+---
+owner: MikeRalphson
+issue: 845
+description: unsigned 8-bit integer
+base_type: number
+layout: default
+source: https://spec.openapis.org/oas/latest.html#data-types
+source_label: OAS
+---
+
+{% capture summary %}
+The `{{page.slug}}` format represents an unsigned 8-bit integer, with the range 0 to 255.
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
diff --git a/docs/registries/_format/uri-reference.md b/docs/registries/_format/uri-reference.md
new file mode 100644
index 0000000000..c084005369
--- /dev/null
+++ b/docs/registries/_format/uri-reference.md
@@ -0,0 +1,15 @@
+---
+owner: baywet
+issue:
+description: A URI reference as defined in [RFC3986](https://www.rfc-editor.org/info/rfc3986)
+base_type: string
+layout: default
+source_label: JSON Schema
+source: https://json-schema.org/draft/2020-12/json-schema-validation.html#name-resource-identifiers
+---
+
+{% capture summary %}
+The `{{page.slug}}` format is a URI reference as defined in RFC3986.
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
diff --git a/docs/registries/_format/uri-template.md b/docs/registries/_format/uri-template.md
new file mode 100644
index 0000000000..1ade6d379f
--- /dev/null
+++ b/docs/registries/_format/uri-template.md
@@ -0,0 +1,15 @@
+---
+owner: baywet
+issue:
+description: A URI Template as defined in RFC6570
+base_type: string
+layout: default
+source_label: JSON Schema
+source: https://json-schema.org/draft/2020-12/json-schema-validation.html#name-uri-template
+---
+
+{% capture summary %}
+The `{{page.slug}}` format is a URI Template as defined in [RFC6570](https://www.rfc-editor.org/rfc/rfc6570).
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
diff --git a/docs/registries/_format/uri.md b/docs/registries/_format/uri.md
new file mode 100644
index 0000000000..15d858434e
--- /dev/null
+++ b/docs/registries/_format/uri.md
@@ -0,0 +1,15 @@
+---
+owner: baywet
+issue:
+description: A Uniform Resource Identifier as defined in RFC3986
+base_type: string
+layout: default
+source_label: JSON Schema
+source: https://json-schema.org/draft/2020-12/json-schema-validation.html#name-resource-identifiers
+---
+
+{% capture summary %}
+The `{{page.slug}}` format is a Uniform Resource Identifier as defined in [RFC3986](https://www.rfc-editor.org/rfc/rfc3986.html).
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
diff --git a/docs/registries/_format/uuid.md b/docs/registries/_format/uuid.md
new file mode 100644
index 0000000000..ff571a098a
--- /dev/null
+++ b/docs/registries/_format/uuid.md
@@ -0,0 +1,15 @@
+---
+owner: baywet
+issue:
+description: A Universally Unique IDentifier as defined in RFC4122
+base_type: string
+layout: default
+source_label: JSON Schema
+source: https://json-schema.org/draft/2020-12/json-schema-validation.html#name-resource-identifiers
+---
+
+{% capture summary %}
+The `{{page.slug}}` format a Universally Unique IDentifier as defined in [RFC4122](https://www.rfc-editor.org/rfc/rfc4122).
+{% endcapture %}
+
+{% include format-entry.md summary=summary %}
diff --git a/docs/registries/_namespace/ms.md b/docs/registries/_namespace/ms.md
new file mode 100644
index 0000000000..0c8abf165d
--- /dev/null
+++ b/docs/registries/_namespace/ms.md
@@ -0,0 +1,12 @@
+---
+owner: DarrelMiller
+issue:
+description: Extensions created and used by Microsoft
+layout: default
+---
+
+{% capture summary %}
+The `x-{{page.slug}}-` prefix is reserved for extensions created by Microsoft. These extensions are available for use by anyone.
+{% endcapture %}
+
+{% include namespace-entry.md summary=summary %}
diff --git a/docs/registries/_namespace/oas-draft.md b/docs/registries/_namespace/oas-draft.md
new file mode 100644
index 0000000000..f0879c233e
--- /dev/null
+++ b/docs/registries/_namespace/oas-draft.md
@@ -0,0 +1,12 @@
+---
+owner: DarrelMiller
+issue:
+description: Extensions created by OAI to indicate proposed changes to the OAS specification
+layout: default
+---
+
+{% capture summary %}
+The `x-{{page.slug}}-` prefix is reserved for extensions created as part of the [draft features](https://github.com/OAI/OpenAPI-Specification/blob/main/DEVELOPMENT.md#draft-features) process. These extensions are available for use by anyone.
+{% endcapture %}
+
+{% include namespace-entry.md summary=summary %}
diff --git a/docs/registries/_namespace/sap.md b/docs/registries/_namespace/sap.md
new file mode 100644
index 0000000000..63b24412cc
--- /dev/null
+++ b/docs/registries/_namespace/sap.md
@@ -0,0 +1,14 @@
+---
+owner: ralfhandl, pavelkornev
+issue:
+description: Extensions created and used by SAP
+layout: default
+---
+
+{% capture summary %}
+The `x-{{page.slug}}-` prefix is reserved for extensions created by SAP. These extensions are available for use by anyone.
+
+The official list of supported SAP extensions can be found in [SAP/openapi-specification](https://github.com/SAP/openapi-specification) repository.
+{% endcapture %}
+
+{% include namespace-entry.md summary=summary %}
diff --git a/docs/registry/alternative-schema.md b/docs/registry/alternative-schema.md
new file mode 100644
index 0000000000..386c7b22b7
--- /dev/null
+++ b/docs/registry/alternative-schema.md
@@ -0,0 +1,24 @@
+---
+title: Alternative Schema Registry
+layout: default
+permalink: /registry/alternative-schema/index.html
+parent: Registry
+---
+
+# Alternative Schema Type Registry
+
+## Master Issue
+
+* [#1532](https://github.com/OAI/OpenAPI-Specification/issues/1532)
+
+## Contributing
+
+Please raise a [Pull-Request](https://github.com/OAI/OpenAPI-Specification/pulls) or [Issue](https://github.com/OAI/OpenAPI-Specification/issues) to contribute or discuss a registry value.
+
+## Values
+
+|Value|Description|Issue|
+|---|---|---|
+{% for value in site.alternative-schema %}| {{ value.slug }} | {{ value.description }} | {% if value.issue %}#{{ value.issue }}{% endif %} |
+{% endfor %}
+
diff --git a/docs/registry/draft-feature.md b/docs/registry/draft-feature.md
new file mode 100644
index 0000000000..b8d59a9551
--- /dev/null
+++ b/docs/registry/draft-feature.md
@@ -0,0 +1,24 @@
+---
+title: Draft Feature Registry
+layout: default
+permalink: /registry/draft-feature/index.html
+parent: Registry
+---
+
+# Draft Features Registry
+
+## Master Issue
+
+* [#1531](https://github.com/OAI/OpenAPI-Specification/pull/1531)
+
+## Contributing
+
+Please raise a [Pull-Request](https://github.com/OAI/OpenAPI-Specification/pulls) or [Issue](https://github.com/OAI/OpenAPI-Specification/issues) to contribute or discuss a registry value.
+
+## Values
+
+|Value|Description|Issue|
+|---|---|---|
+{% for value in site.draft-feature %}| {{ value.slug }} | {{ value.description }} | {% if value.issue %}#{{ value.issue }}{% endif %} |
+{% endfor %}
+
diff --git a/docs/registry/extension.md b/docs/registry/extension.md
new file mode 100644
index 0000000000..226b8730e7
--- /dev/null
+++ b/docs/registry/extension.md
@@ -0,0 +1,24 @@
+---
+# title: Extensions Registry
+layout: default
+permalink: /registry/extension/index.html
+parent: Registry
+---
+
+# Extensions Registry
+
+## Master Issue
+
+* [#1351](https://github.com/OAI/OpenAPI-Specification/issues/1351)
+
+## Contributing
+
+Please raise a [Pull-Request](https://github.com/OAI/OpenAPI-Specification/pulls) or [Issue](https://github.com/OAI/OpenAPI-Specification/issues) to contribute or discuss a registry value.
+
+## Values
+
+|Value|Description|Issue|
+|---|---|---|
+{% for value in site.extension %}| {{ value.slug }} | {{ value.description }} | {% if value.issue %}#{{ value.issue }}{% endif %} |
+{% endfor %}
+
diff --git a/docs/registry/format.md b/docs/registry/format.md
new file mode 100644
index 0000000000..c032f95844
--- /dev/null
+++ b/docs/registry/format.md
@@ -0,0 +1,29 @@
+---
+title: Format Registry
+layout: default
+permalink: /registry/format/index.html
+parent: Registry
+---
+
+# Formats Registry
+
+## Considerations
+
+The existence of a format in this registry DOES NOT require tools to implement it.
+
+If tools choose to implement any format present in this registry, they SHOULD implement the format following the provided behavior.
+
+The registry SHOULD NOT contain two entries that have the same meaning, unless all but one have been deprecated.
+
+
+## Contributing
+
+Please raise a [Pull-Request](https://github.com/OAI/OpenAPI-Specification/pulls) or [Issue](https://github.com/OAI/OpenAPI-Specification/issues) to contribute or discuss a registry value.
+
+## Values
+
+|Value|Description|Type|Source|Deprecated|
+|---|---|----|---|---|----|
+{% for value in site.format %}| {{ value.slug }} | {{ value.description }} | {{ value.base_type | join: ', ' }} | {% if value.source %}{% if value.source_label %}{{value.source_label}}{% else %}Open{% endif %}{% endif %} | {% if value.deprecated_note %}Yes{% else %}No{% endif %} |
+{% endfor %}
+
diff --git a/docs/registry/index.md b/docs/registry/index.md
new file mode 100644
index 0000000000..386680cf71
--- /dev/null
+++ b/docs/registry/index.md
@@ -0,0 +1,31 @@
+---
+title: Registry
+layout: default
+permalink: /registry/index.html
+has_children: true
+children:
+- title: Alternative Schema Registry
+- title: Draft Features Registry
+- title: Format Registry
+- title: Namespace Registry
+has_toc: false
+---
+
+## Contributing
+
+Please raise a [Pull-Request](https://github.com/OAI/OpenAPI-Specification/pulls) against the `main` branch and add a new Markdown file to a folder in the `docs/registries/_{registryName}`. The name of the file is considered the registration entry, ignoring the file extension. Alternatively you can open an [Issue](https://github.com/OAI/OpenAPI-Specification/issues) to discuss a registry value.
+
+### Contents
+
+{% for registry in site.collections %}{% unless registry.hidden %}
+* {{ registry.name }}{% endunless %}{% endfor %}
+
+#### API access
+
+* [registries.json](../api/registries.json) - Registries meta-registry{% for registry in site.collections %}{% unless registry.hidden %}
+* {{ registry.slug }}.json{% endunless %} {% endfor %}
+
+#### RSS feed
+
+* [feed.xml](../rss/feed.xml)
+
diff --git a/docs/registry/namespace.md b/docs/registry/namespace.md
new file mode 100644
index 0000000000..6b05c8c1b7
--- /dev/null
+++ b/docs/registry/namespace.md
@@ -0,0 +1,21 @@
+---
+title: Namespace Registry
+layout: default
+permalink: /registry/namespace/index.html
+parent: Registry
+---
+
+# Namespace Registry
+
+To allow for creators of OpenAPI descriptions to define new extensions without the risk of name collisions, a namespace registry is maintained by OAI. The namespace registry is a simple list of unique identifiers that are used as part of a prefix for extensions to ensure uniqueness. A prefix has the format `x-{namespace}-` where `{namespace}` is a unique string associated to the creator of the extensions within the namespace. Namespace identifiers MUST be registered as lowercase identifiers.
+
+## Contributing
+
+Please raise a [Pull-Request](https://github.com/OAI/OpenAPI-Specification/pulls) or [Issue](https://github.com/OAI/OpenAPI-Specification/issues) to contribute or discuss a registry value.
+
+## Values
+
+|Value|Prefix|Description|Issue|
+|---|---|---|---|
+{% for value in site.namespace %}| {{ value.slug }} | x-{{ value.slug }}-|{{ value.description }} | {% if value.issue %}#{{ value.issue }}{% endif %} |
+{% endfor %}
diff --git a/docs/rss/feed.xml b/docs/rss/feed.xml
new file mode 100644
index 0000000000..f43e1043bb
--- /dev/null
+++ b/docs/rss/feed.xml
@@ -0,0 +1,25 @@
+---
+layout: none
+---
+
+
+
+
+
+Version
+Date
+Notes
+
+
+3.1.0
+2021-02-15
+Release of the OpenAPI Specification 3.1.0
+
+
+3.1.0-rc1
+2020-10-08
+rc1 of the 3.1 specification
+
+
+3.1.0-rc0
+2020-06-18
+rc0 of the 3.1 specification
+
+
+3.0.3
+2020-02-20
+Patch release of the OpenAPI Specification 3.0.3
+
+
+3.0.2
+2018-10-08
+Patch release of the OpenAPI Specification 3.0.2
+
+
+3.0.1
+2017-12-06
+Patch release of the OpenAPI Specification 3.0.1
+
+
+3.0.0
+2017-07-26
+Release of the OpenAPI Specification 3.0.0
+
+
+3.0.0-rc2
+2017-06-16
+rc2 of the 3.0 specification
+
+
+3.0.0-rc1
+2017-04-27
+rc1 of the 3.0 specification
+
+
+3.0.0-rc0
+2017-02-28
+Implementer’s Draft of the 3.0 specification
+
+
+2.0
+2015-12-31
+Donation of Swagger 2.0 to the OpenAPI Initiative
+
+
+2.0
+2014-09-08
+Release of Swagger 2.0
+
+
+1.2
+2014-03-14
+Initial release of the formal document.
+
+
+1.1
+2012-08-22
+Release of Swagger 1.1
+
+
+
+1.0
+2011-08-10
+First release of the Swagger Specification
+