Using the API Commons interface license to provide a legal position of the naming, ordering, and overall design of your API, not just the code or other parts. An interface license will help define the legal tone you take with how your API paths are able to be put to work within other applications and integrations.

Also known as: API License, Specification License, Interface Copyright

Example

- type: InterfaceLicense
  url: https://developers.example.com/license

Standards

• Linux Foundation SPDX License List
• ISO/IEC 5962 SPDX Specification
• OpenAPI Initiative OpenAPI Specification — info.license
• ASF OpenAPI Specification (Apache-2.0)
• OSI Open Source Initiative — approved licenses
• Creative Commons Creative Commons licenses
• ETSI FRAND licensing principles
• Community API Commons interface license

Media Types

• text/html — License texts and summaries are typically served as HTML.
• text/plain — LICENSE files are conventionally plain text.
• application/json — Machine-readable license declarations including SPDX identifiers.

OpenAPI Expression

• info.license.name (OpenAPI 3.x) — Human-readable license name (e.g. "Apache 2.0").
• info.license.url (OpenAPI 3.x) — URL to the full license text.
• info.license.identifier (OpenAPI 3.1) — SPDX license identifier (e.g. "Apache-2.0", "MIT"); mutually exclusive with url.

Link Relations

• license — RFC 4946 / IANA Link Relations

Governance Rules

• info-license (Spectral built-in) — API metadata must declare a license.
• license-url (Spectral built-in) — License must resolve to a URL or SPDX identifier.

Risk & Compliance

Compliance:

• SPDX — license identification for software bill of materials
• ISO/IEC 5962 — SPDX standardization
• DMCA — derivative-work claims around API surface copying
• EU Copyright Directive — software interface protections (Art. 5)

Security: Ambiguous or missing interface licenses block enterprise adoption and create ammunition for clone / fork disputes. Re-licensing without versioning the spec breaks SBOM tooling that pins on SPDX identifiers.

Tools

• SPDX License List — License registry (CC0-1.0)
• ScanCode Toolkit — License scanner (Apache-2.0)
• FOSSA — License compliance
• Black Duck — License compliance
• REUSE — Licensing compliance (CC0-1.0)
• ClearlyDefined — License metadata

Suggested Metrics

• license_declared — Whether the API specification declares an info.license.
• spdx_identifier_present — Whether the declared license carries a valid SPDX identifier.
• osi_approved — Whether the declared license is OSI-approved.
• license_change_count — Number of license changes across published API versions.

Example Implementations

• OpenAPI Initiative — The OpenAPI Specification itself is licensed Apache-2.0.
• Stripe — Stripe publishes OpenAPI definitions with an MIT license.
• GitHub — GitHub OpenAPI description is licensed under a permissive (MIT) license.
• Kubernetes — Kubernetes OpenAPI spec is distributed under Apache-2.0.

Related Properties

• Terms of service
• Privacy policy
• Code of conduct
• Openapi
• Pricing

Tags

• Legal
• Licensing
• Client
• Server
• Data

All Common Properties