OpenAPI Policies

How to Use this Page

This page lists the OpenAPI Policies that Bridgecrew helps you enforce. You can browse this page, or search for a specific policy ID or short title.

Ensure that securityDefinitions is defined and not empty
Bridgecrew Policy ID: BC_OPENAPI_1

Ensure that if the security scheme is not of type 'oauth2', the array value must be empty
Bridgecrew Policy ID: BC_OPENAPI_2

Ensure that security schemes don't allow cleartext credentials over unencrypted channel
Bridgecrew Policy ID: BC_OPENAPI_3

Ensure that the global security field has rules defined
Bridgecrew Policy ID: BC_OPENAPI_4

Ensure that security operations is not empty
Bridgecrew Policy ID: BC_OPENAPI_5

Ensure that security requirement defined in securityDefinitions
Bridgecrew Policy ID: BC_OPENAPI_6