Swagger template file for appsec scanning

Looking to test some custom API’s using AppSec but scan keeps failing with "Ill-formed Swagger file " error. Been playing around with my json file but can’t seem to get it right. Anyone have one that works that I can look at? Or documentation on what structure AppSec is expecting?

Hey @ceberiel, apologies for the delay here. We do have a couple examples that should be good templates to base yours off of, if you’re having trouble figuring out the error. In particular it’s common for the file to be missing the host, basepath, or schemes info (in v2) or the server info (in v3). Here they are:

https://petstore.swagger.io/v2/swagger.json
https://petstore3.swagger.io/api/v3/openapi.json

1 Like