Repository
The GitHub, GitLab, or BitBucket repository for an API, providing the single source of truth for the API contract, OpenAPI, and other artifacts, as well as the road map, change log, support, feedback, and other elements of a repository.
YES
NO
Repositories:
Require each API contract possess a GitHub, GitLab, or BitBucket repository.
Teams:
Require that API contract management is controlled using Git teams.
Artifacts:
Require the APIs.json contract, OpenAPI, and other artifacts are stored in repository.
README:
Require that each API contract repository has a dedicated README.
Who:
Who is using an API, focusing on the people who will be putting an API to work in their applications.
What:
What will consumers be building with the resources and capabilities being made available via APIs.
How:
How will consumers be putting API resources and capabilities, getting into the details of programming languages and frameworks.
Why:
What are the reasons an API consumer will be putting APIs to work in their applications and integrations as part of their business.
Paths:
Providing simple, clean, and intuitive paths as part of the documentation being published for consumers to use.
Request Bodies:
Including details and examples regarding the request bodies being submitted for POST, PUT, and other possible methods.
Responses:
Making sure there is a complete example for each API response in documentation, including happy and unhappy responses.
Schema:
Documenting all of the schema which are used as part of request bodies and responses, providing JSON SChema representations of each.
OpenAPI Version:
Requiring there is the latest version of OpenAPI available.
Title:
Requiring the info title property meets the policy standards.
Description:
Requiring the info description property meets the policy standards.
Contact:
Requiring that there is a contact included in the OpenAPI info.
License:
Requiring the info license property meets the policy standards.
OpenAPI Terms of Service:
Requiring the info terms of service property meets the policy standards.
Version:
Requiring the info version property meets the policy standards.
Operation Summary:
Requiring that all operational summaries meets the policy standards.
Operation Description:
Requiring that all operational descriptions meets the policy standards.
Operation Tags:
Requiring that all operational tags meets the policy standards.
Operation Security:
Requiring that all operational security meets the policy standards.
Request Bodies:
Requiring that all operational request bodies meets the policy standards.
Request Bodies Schema:
Requiring that all operational request body schema meets the policy standards.
Parameter In:
Requiring that all operational parameters in property meets the policy standards.
Parameter Names:
Requiring that all operational parameters names meets the policy standards.
Parameter Descriptions:
Requiring that all operational parameters descriptions meets the policy standards.
Parameter Schema:
Requiring that all operational parameters schema meets the policy standards.
Response 2xx:
Requiring that all 2xx responses meets the policy standards.
Response 2xx Schema:
Requiring that all 2xx responses schema meets the policy standards.
Response 2xx Examples:
Requiring that all 2xx response examples meets the policy standards.
Response 4xx:
Requiring that all 4xx responses meets the policy standards.
Response 4xx Schema:
Requiring that all 4xx response schema meets the policy standards.
Response 4xx Examples:
Requiring that all 4xx response examples meets the policy standards.
Response 5xx:
Requiring that all 5xx responses meets the policy standards.
Response 5xx Schema:
Requiring that all 5xx response schema meets the policy standards.
Response 5xx Examples:
Requiring that all 5xx response examples meets the policy standards.
Schema Type:
Requiring that all schema type meets the policy standards.
Schema Descriptions:
Requiring that all schema descriptions meets the policy standards.
Schema Property Names:
Requiring that all schema property names meets the policy standards.
Schema Property Descriptions:
Requiring that all schema property descriptions meets the policy standards.
Schema Property Enums:
Requiring that all schema property enums meets the policy standards.
Schema Property Required:
Requiring that all schema property required meets the policy standards.
Schema Property Shapes:
Requiring that all schema property shapes meets the policy standards.
Documentation:
Provide a link and description to your API documentation, providing the entry point for API consumers to begin learning about what your API does.
Authentication:
Needs description.
SDKs:
Provide a link and description of where API consumers can learn more about authentication and how it will work when they use an API.
Metrics:
Providing details regarding the metrics available for each plan, outlining how the usage of digital resources and capabilities are being measured.
Rate Limits:
Providing details of rate limits being applied as part of each plan, and what is available to consumers as part of their application usage.
Regions:
Providing regional details available for access API resources and capabilities in different geographical regions as part of API plan usage.
Elements:
Offering other elements or features of an API that are included or not included within a plan to help API consumers understand scope of what is available.
Keys:
Require the API key usage meets standards set by authentication policies.
JWT:
Require JWT usage meets standards set by authentication policies.
OAuth:
Require that OAuth usage meets standards set by authentication policies.
Scopes:
Require Oauth scopes meets standards set by authentication policies.
Semantic Versioning:
Require usage of major, minor, and patch Semantic Versioning for managing change.
Date-Based Versioning:
Require usage of date-base versioning for managing change.
Date:
The date for the proposed API change in the road map.
Title:
The title for the proposed API change in the road map.
Details:
The description for the proposed API change in the road map.
Road Map Version:
The version of the proposed API change in the road map.
Date:
The date of the change that was made to an API.
Title:
The title of the change that was made to an API.
Details:
The description of the change that was made to an API.
Version:
The version of the change that was made to an API.
JavaScript:
Require a JavaScript client SDK available with each API.
PHP:
Require a PHP client SDK available with each API.
Java:
Require a Java client SDK available with each API.
Go:
Require a Go client SDK available with each API.
CSharp:
Require a CSharp client SDK available with each API.
Status Dashboard:
Require a link to as well as results from a status dashboard for an API.
Status History:
Require a link to as well as results from a status history for an API.
Authentication:
Require details regarding how authentication is handled as part of API security.
Testing:
Require that security testing has occurred and publishing results for API security.
Support Email:
Require that an API is supported using email.
Support Tickets:
Require that an API is supported using a ticketing system.
Support Issues:
Require that an API is supported using Git issues.
Feedback Email:
Allow for teams to receive feedback on API contracts via email.
Feedback Issues:
Allow for teams to receive feedback on API contracts via Git issue.