OpenAPI

OpenAPI for Security

The OpenAPI Specification (OAS) provides a machine-readable description of REST APIs. Signando leverages this specification to automatically generate security policies, validate requests against the schema, and detect anomalies.

How Signando Uses OpenAPI

• Schema Validation — Every request is validated against the OpenAPI schema before reaching the backend.
• Policy Generation — Security policies are automatically derived from the API specification.
• Type Enforcement — Request parameters, headers, and body fields are type-checked.
• Response Validation — Backend responses are validated to prevent data leakage.