Fortinet black logo

Administration Guide

Creating OpenAPI files

Creating OpenAPI files

This section provides instructions on how to create an OpenAPI file.

  1. Go to Web Protection > OpenAPI Validation > OpenAPI File.
  2. Click Create New.
  3. To upload cross-referenced files, you can enable Upload zip, and click Choose File to upload a zip file.
    OpenAPI files with recursive references are supported.
  4. Or just click Choose File to upload a valid OpenAPI file.
  5. yaml and JSON formats of OpenAPI file are supported.
  6. Click OK.
    The figure below shows a list of OpenAPI files.


    Select one file, you can click Delete to remove the file or View to view details of this file. Moreover, you can also right click one file to delete it or view its details.

    The following figure shows details of an OpenAPI file.

    On the left, you can find the source OpenAPI file, and on the right, the parsing results including the objects described in the file are shown.

    The table below includes the objects of the OpenAPI document.

    Field Name Type Description
    openapi string REQUIRED. This string MUST be the semantic version number of the OpenAPI Specification version that the OpenAPI document uses. The openapi field SHOULD be used by tooling specifications and clients to interpret the OpenAPI document. This is not related to the API info.version string.
    info Info Object REQUIRED. Provides metadata about the API. The metadata MAY be used by tooling as required.
    servers Server Object An array of Server Objects, which provide connectivity information to a target server. If the servers property is not provided, or is an empty array, the default value would be a Server Object with a url value of /.
    paths Paths Object REQUIRED. The available paths and operations for the API.
    components Components Object An element to hold various schemas for the specification.
    security Security Requirement Object A declaration of which security mechanisms can be used across the API. The list of values includes alternative security requirement objects that can be used. Only one of the security requirement objects need to be satisfied to authorize a request. Individual operations can override this definition.
    tags Tag Object A list of tags used by the specification with additional metadata. The order of the tags can be used to reflect on their order by the parsing tools. Not all tags that are used by the Operation Object must be declared. The tags that are not declared MAY be organized randomly or based on the tools' logic. Each tag name in the list MUST be unique.
    externalDocs External Documentation Object Additional external documentation.

Creating OpenAPI files

This section provides instructions on how to create an OpenAPI file.

  1. Go to Web Protection > OpenAPI Validation > OpenAPI File.
  2. Click Create New.
  3. To upload cross-referenced files, you can enable Upload zip, and click Choose File to upload a zip file.
    OpenAPI files with recursive references are supported.
  4. Or just click Choose File to upload a valid OpenAPI file.
  5. yaml and JSON formats of OpenAPI file are supported.
  6. Click OK.
    The figure below shows a list of OpenAPI files.


    Select one file, you can click Delete to remove the file or View to view details of this file. Moreover, you can also right click one file to delete it or view its details.

    The following figure shows details of an OpenAPI file.

    On the left, you can find the source OpenAPI file, and on the right, the parsing results including the objects described in the file are shown.

    The table below includes the objects of the OpenAPI document.

    Field Name Type Description
    openapi string REQUIRED. This string MUST be the semantic version number of the OpenAPI Specification version that the OpenAPI document uses. The openapi field SHOULD be used by tooling specifications and clients to interpret the OpenAPI document. This is not related to the API info.version string.
    info Info Object REQUIRED. Provides metadata about the API. The metadata MAY be used by tooling as required.
    servers Server Object An array of Server Objects, which provide connectivity information to a target server. If the servers property is not provided, or is an empty array, the default value would be a Server Object with a url value of /.
    paths Paths Object REQUIRED. The available paths and operations for the API.
    components Components Object An element to hold various schemas for the specification.
    security Security Requirement Object A declaration of which security mechanisms can be used across the API. The list of values includes alternative security requirement objects that can be used. Only one of the security requirement objects need to be satisfied to authorize a request. Individual operations can override this definition.
    tags Tag Object A list of tags used by the specification with additional metadata. The order of the tags can be used to reflect on their order by the parsing tools. Not all tags that are used by the Operation Object must be declared. The tags that are not declared MAY be organized randomly or based on the tools' logic. Each tag name in the list MUST be unique.
    externalDocs External Documentation Object Additional external documentation.