APIs conforming to this requirements class are documented as an OpenAPI Document.
|
Note
|
Implementations of the Processes API may also include capabilities that are not specified in this Standard such as access-control (see Security), support for web cache validation, handling of CORS or the use of HTTP redirection. These additional capabilities make use of HTTP status codes that are beyond the regular set of code such as 200 for successful GET requests and 400, 404 or 500 for error situations (see [http_status_codes]). These additional codes would not necessarily be specified in a OpenAPI document and so clients must be prepared to receive responses not documented in the OpenAPI definition. For example, additional error codes may be generated in the transport layer which is outside the server.
|
Example 1. An exception response object definition
description: An error occurred.
content:
application/json:
schema:
$ref: https://raw.githubusercontent.com/opengeospatial/ogcapi-processes/openapi/schemas/common-core/exception.yaml
text/html:
schema:
type: stringThe OpenAPI specification currently supports the following security schemes:
-
HTTP authentication,
-
an API key (either as a header or as a query parameter),
-
OAuth2’s common flows (implicit, password, application and access code) as defined in RFC6749, and
-
OpenID Connect Discovery.