Open API

Question 1

What is?

Answer 1

OpenAPI (formerly known as Swagger) open-source standard for defining RESTful APIs

Question 2

Structure

Answer 2

Metadata
Servers
Paths
Components
Security

Question 3

Metadata

Answer 3

Information about the API:
openapi: 3.0.3
info:
title: Sample API
description: API for demonstrating OpenAPI
version: 1.0.0

Question 4

Servers

Answer 4

Defines the API’s base URLs:
servers:
- url: https://api.example.com/v1
description: Production server
- url: https://staging-api.example.com/v1
description: Staging server

Question 5

Paths

Answer 5

paths:
/users:
get:
summary: Retrieve a list of users
responses:
‘200’:
description: A JSON array of users
content:
application/json:
schema:
type: array
items:
$ref: ‘#/components/schemas/User’

Question 6

Components

Answer 6

components:
schemas:
User:
type: object
properties:
id:
type: integer
name:
type: string

Question 7

Security

Answer 7

security:
- apiKeyAuth: []
components:
securitySchemes:
apiKeyAuth:
type: apiKey
in: header
name: Authorization

security:
- apiKeyAuth: []
This indicates that all requests to the API require an API key sent in the Authorization header
the [] specifies the required scopes (permissions) that a client must have to access the endpoint.
Example security:
- oauth2Auth: [“read”, “write”]
apiKeyAuth: [] - indicates that only the apiKeyAuth scheme is required, with no additional conditions (like scopes). Even though apiKeyAuth and other schemes like http don’t use scopes, OpenAPI uses a consistent format for defining security requirements.