OWASP API8 2023 Define Error Responses 500

OWASP API Security recommends defining schemas for all responses, even errors. The 500 response describes what happens when a request fails with an internal server error, so it is important to define it for documentation and contract testing.

OWASP, Security, Responses, Errors, OpenAPI

Rule Definition

owasp-api8-2023-define-error-responses-500-warn.yaml
owasp-api8-2023-define-error-responses-500-warn:
  description: "OWASP API Security recommends defining schemas for all responses, even errors. The 500 describes what happens when a request fails with an internal server error, so it is important to define this for documentation and contract testing."
  message: "Operation is missing a 500 error response."
  given: "$.paths..responses"
  severity: warn
  then:
    field: "500"
    function: truthy
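
What the rule flags and what it lets through, as an added example that is not part of the original page or of Spectral's code: the script approximates the rule's `given` and `then` in plain JavaScript and runs them over a constructed OpenAPI fragment. The names `sampleDoc`, `findResponses` and `lintMissing500` are hypothetical.

```javascript
// Added example: approximates the rule's `given`/`then` in plain JavaScript.
// It is not Spectral's implementation; the API document below is constructed.
const RULE_MESSAGE = "Operation is missing a 500 error response.";

// Constructed OpenAPI fragment, one operation per case worth seeing.
const sampleDoc = {
  openapi: "3.0.3",
  paths: {
    "/orders": {
      get: { responses: { "200": { description: "OK" }, "500": { description: "Internal error" } } },
      post: { responses: { "201": { description: "Created" }, default: { description: "Error" } } },
    },
    "/orders/{id}": {
      delete: { responses: { "204": { description: "Deleted" }, "500": null } },
      put: { responses: { "200": { description: "OK" }, "500": {} } },
    },
  },
};

// Stand-in for `$.paths..responses`: every property named "responses"
// at any depth below `paths`, returned together with its location.
function findResponses(node, path = ["paths"], found = []) {
  if (node === null || typeof node !== "object") return found;
  for (const [key, value] of Object.entries(node)) {
    const here = [...path, key];
    if (key === "responses") found.push({ path: here, value });
    findResponses(value, here, found);
  }
  return found;
}

// Stand-in for `then: { field: "500", function: truthy }`:
// a missing, null or otherwise falsy "500" entry is reported.
function lintMissing500(doc) {
  return findResponses(doc.paths || {})
    .filter(({ value }) => !(value && value["500"]))
    .map(({ path }) => ({ severity: "warn", path: path.join("."), message: RULE_MESSAGE }));
}

console.log(lintMissing500(sampleDoc));
```

The `post` operation is reported even though it declares `default`, and the `put` operation passes with an empty `500: {}` because the rule only tests that the key is truthy, not that it carries a schema.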
