OWASP API Security Top 10 2019 Checklist
improper-assets-management-environment-info
Guidance
The purpose of an API host is unclear, and there are no explicit answers to the following questions:
- Which environment is the API running in, for example, production, staging, test, or development?
- Who should have network access to the API, for example, public, internal, or partners?
Message
API must have a description.
Examples
valid
#%RAML 1.0
title: ANG Governance xAPI
description: Api governance XAPI description
invalid
#%RAML 1.0
title: ANG Governance xAPI
Applies to WebAPI
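The check this rule describes can be approximated outside a governance tool. The following is an added example, not the ruleset's own implementation: it uses a simplified line scanner rather than a YAML parser, and the function names and the extra sample documents are assumptions made for illustration. It extends the two cases above to an empty description, a description that exists only on a nested resource, and a block-scalar description.

```python
import re

MESSAGE = "API must have a description."  # rule message, as given on this page
ROOT_KEY = re.compile(r"^([A-Za-z][\w-]*)\s*:\s*(.*)$")  # keys at column 0 only


def root_description(raml_text):
    """Return the root-level description text, or None when the key is absent.

    Simplified line scanner (an assumption of this example), not a YAML parser.
    """
    lines = raml_text.splitlines()
    for i, line in enumerate(lines):
        m = ROOT_KEY.match(line)
        if not m or m.group(1) != "description":
            continue  # indented keys (resource/method descriptions) never match
        inline = m.group(2).strip()
        if inline[:1] in ("|", ">", "#"):
            inline = ""  # block-scalar indicator or comment: no inline text
        parts = [inline.strip("\"'")]
        for nxt in lines[i + 1:]:
            if nxt.strip() and not nxt[0].isspace():
                break  # next root-level key ends the scalar
            parts.append(nxt.strip())
        return " ".join(p for p in parts if p)
    return None


def check(raml_text):
    """Return a list of violations; empty means the document passes."""
    return [] if root_description(raml_text) else [MESSAGE]


# Constructed inputs: the first two are the page's own examples.
VALID = "#%RAML 1.0\ntitle: ANG Governance xAPI\ndescription: Api governance XAPI description\n"
INVALID = "#%RAML 1.0\ntitle: ANG Governance xAPI\n"
EMPTY = '#%RAML 1.0\ntitle: ANG Governance xAPI\ndescription: ""\n'
NESTED_ONLY = "#%RAML 1.0\ntitle: ANG Governance xAPI\n/users:\n  description: List users\n"
BLOCK = "#%RAML 1.0\ntitle: ANG Governance xAPI\ndescription: |\n  Production API.\n  Access: partners only.\n"

if __name__ == "__main__":
    for name in ("VALID", "INVALID", "EMPTY", "NESTED_ONLY", "BLOCK"):
        print(name, check(globals()[name]) or "ok")
```

A description that passes this check still has to answer the two questions in the guidance (environment and intended audience); presence alone is what the rule enforces.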