APIs conforming to this requirements class are documented as an OpenAPI Document.
Note that APIs that, for example, are access-controlled (see Security), support web cache validation, CORS or that use HTTP redirection will make use of additional HTTP status codes beyond regular codes such as 200
for successful GET requests and 400
, 404
or 500
for error situations. See [http_status_codes].
Clients have to be prepared to receive responses not documented in the OpenAPI definition. For example, additional errors may occur in the transport layer outside of the server.
description: An error occurred.
content:
application/json:
schema:
$ref: https://raw.githubusercontent.com/opengeospatial/ogcapi-processes/openapi/schemas/common-core/exception.yaml
text/html:
schema:
type: string
The OpenAPI specification currently supports the following security schemes:
-
HTTP authentication,
-
an API key (either as a header or as a query parameter),
-
OAuth2’s common flows (implicit, password, application and access code) as defined in RFC6749, and
-
OpenID Connect Discovery.