Fortinet black logo

Administration Guide

Creating OpenAPI files

Creating OpenAPI files

This section provides instructions on how to create an OpenAPI file.

  1. Go to Web Protection > OpenAPI Validation > OpenAPI File.
  2. Click Create New.
  3. To upload cross-referenced files, you can enable Upload zip, and click Choose File to upload a zip file.
    OpenAPI files with recursive references are supported.
  4. Or just click Choose File to upload a valid OpenAPI file.
  5. yaml and JSON formats of OpenAPI file are supported.
  6. Click OK.
    The figure below shows a list of OpenAPI files.


    Select one file, you can click Delete to remove the file or View to view details of this file. Moreover, you can also right click one file to delete it or view its details.

    The table below includes the objects of the OpenAPI document.

    Field NameTypeDescription
    openapistringREQUIRED. This string MUST be the semantic version number of the OpenAPI Specification version that the OpenAPI document uses. The openapi field SHOULD be used by tooling specifications and clients to interpret the OpenAPI document. This is not related to the API info.version string.
    infoInfo ObjectREQUIRED. Provides metadata about the API. The metadata MAY be used by tooling as required.
    serversServer ObjectAn array of Server Objects, which provide connectivity information to a target server. If the servers property is not provided, or is an empty array, the default value would be a Server Object with a url value of /.
    pathsPaths ObjectREQUIRED. The available paths and operations for the API.
    componentsComponents ObjectAn element to hold various schemas for the specification.
    securitySecurity Requirement ObjectA declaration of which security mechanisms can be used across the API. The list of values includes alternative security requirement objects that can be used. Only one of the security requirement objects need to be satisfied to authorize a request. Individual operations can override this definition.
    tagsTag ObjectA list of tags used by the specification with additional metadata. The order of the tags can be used to reflect on their order by the parsing tools. Not all tags that are used by the Operation Object must be declared. The tags that are not declared MAY be organized randomly or based on the tools' logic. Each tag name in the list MUST be unique.
    externalDocsExternal Documentation ObjectAdditional external documentation.

Creating OpenAPI files

This section provides instructions on how to create an OpenAPI file.

  1. Go to Web Protection > OpenAPI Validation > OpenAPI File.
  2. Click Create New.
  3. To upload cross-referenced files, you can enable Upload zip, and click Choose File to upload a zip file.
    OpenAPI files with recursive references are supported.
  4. Or just click Choose File to upload a valid OpenAPI file.
  5. yaml and JSON formats of OpenAPI file are supported.
  6. Click OK.
    The figure below shows a list of OpenAPI files.


    Select one file, you can click Delete to remove the file or View to view details of this file. Moreover, you can also right click one file to delete it or view its details.

    The table below includes the objects of the OpenAPI document.

    Field NameTypeDescription
    openapistringREQUIRED. This string MUST be the semantic version number of the OpenAPI Specification version that the OpenAPI document uses. The openapi field SHOULD be used by tooling specifications and clients to interpret the OpenAPI document. This is not related to the API info.version string.
    infoInfo ObjectREQUIRED. Provides metadata about the API. The metadata MAY be used by tooling as required.
    serversServer ObjectAn array of Server Objects, which provide connectivity information to a target server. If the servers property is not provided, or is an empty array, the default value would be a Server Object with a url value of /.
    pathsPaths ObjectREQUIRED. The available paths and operations for the API.
    componentsComponents ObjectAn element to hold various schemas for the specification.
    securitySecurity Requirement ObjectA declaration of which security mechanisms can be used across the API. The list of values includes alternative security requirement objects that can be used. Only one of the security requirement objects need to be satisfied to authorize a request. Individual operations can override this definition.
    tagsTag ObjectA list of tags used by the specification with additional metadata. The order of the tags can be used to reflect on their order by the parsing tools. Not all tags that are used by the Operation Object must be declared. The tags that are not declared MAY be organized randomly or based on the tools' logic. Each tag name in the list MUST be unique.
    externalDocsExternal Documentation ObjectAdditional external documentation.