API Property Require Security Page

api-property-require-security-page

info experience: securityexperience: documentation spec: apisspec: properties

Has Security Path

This property ensures there is a URL to the security page, providing details about how security is handled for an API.

Rule definition

The full Spotlight rule — drop it into a ruleset (.spotlight.yaml / .spectral.yaml) and run it with any Spotlight tool.

api-property-require-security-page:
  title: API Property Require Security Page
  reference: https://spotlight-rules.com/spec/rules/apis-json/api-property-require-security-page/
  description: This property ensures there is a URL to the security page,
    providing details about how security is handled for an API.
  message: Has Security Path
  severity: info
  given:
    - $.apis.*.properties.*
    - $.common.*
  then:
    - field: type
      function: pattern
      functionOptions:
        notMatch: \b(Security|SecurityTesting)\b
  tags:
    - format:apis-json
    - spec:apis
    - spec:properties
    - experience:security
    - experience:documentation
  prompt: "You are editing an APIs.json document to satisfy the Spotlight API
    governance rule 'api-property-require-security-page' (API Property Require
    Security Page). Requirement: This property ensures there is a URL to the
    security page, providing details about how security is handled for an API.
    To fix: Ensure `type` does NOT match the regular expression
    `\\b(Security|SecurityTesting)\\b`; rename or rewrite any value that does.
    This rule is evaluated at the JSONPath `$.apis.*.properties.* | $.common.*`
    — inspect every location it matches and correct only what violates the rule.
    Make the smallest change that satisfies the rule, leave all unrelated
    content, key order, comments, and formatting unchanged, and keep the
    document valid APIs.json. Return only the complete corrected document, with
    no commentary."

AI fix prompt — send this to Claude, Gemini, or ChatGPT with your artifact to auto-fix this rule

You are editing an APIs.json document to satisfy the Spotlight API governance rule 'api-property-require-security-page' (API Property Require Security Page). Requirement: This property ensures there is a URL to the security page, providing details about how security is handled for an API. To fix: Ensure `type` does NOT match the regular expression `\b(Security|SecurityTesting)\b`; rename or rewrite any value that does. This rule is evaluated at the JSONPath `$.apis.*.properties.* | $.common.*` — inspect every location it matches and correct only what violates the rule. Make the smallest change that satisfies the rule, leave all unrelated content, key order, comments, and formatting unchanged, and keep the document valid APIs.json. Return only the complete corrected document, with no commentary.

Artifact	APIs.json
Applies at (given)	`$.apis..properties. \| $.common.*`
Severity	info — educational by default; raise to `warn`/`error` to enforce
Reference	`https://spotlight-rules.com/spec/rules/apis-json/api-property-require-security-page/`

← API Property Require SDK

all APIs.json rules

API Property Require Signup →