OpenAPI Spec Validator — Swagger Compliance Checker

Validate OpenAPI 2.0 (Swagger) and OpenAPI 3.0/3.1 specification files for compliance, missing required fields, unresolved $ref paths, and schema errors. Paste JSON or YAML or upload a file — errors and warnings are listed by path with severity levels and actionable fix suggestions. All validation runs entirely in your browser.

API ToolsAPI & Backend
Loading tool...

How to Use OpenAPI Spec Validator — Swagger Compliance Checker

How to Use the OpenAPI Spec Validator

Step 1: Paste or Upload Your Spec

Paste your OpenAPI or Swagger specification directly into the textarea, or click Upload to load a .json, .yaml, or .yml file from your computer. Both JSON and YAML formats are fully supported.

Step 2: Load an Example (optional)

Click one of the example buttons to load a pre-built spec:

  • Minimal 3.0 — the smallest valid OpenAPI 3.0 spec
  • Petstore 3.0 — a complete API with schemas, parameters, and request bodies
  • Swagger 2.0 — a Swagger 2.0 spec with definitions and path parameters
  • With Errors — an intentionally broken spec showing common mistakes

Step 3: Click Validate Spec

Click Validate Spec to run validation. Results appear immediately in the right panel.

Step 4: Review the Status and Stats

The status card shows whether the spec is valid (green) or invalid (red). The stats grid shows the detected version (Swagger 2.0, OpenAPI 3.0, or 3.1), the number of paths, operations, and schemas defined, plus the total error and warning counts.

Step 5: Fix Issues

The Issues panel lists each error and warning with:

  • Path — the JSON path inside the document where the issue was found (e.g., #/paths/users/get/responses)
  • Message — a plain-English description of the problem
  • Fix suggestion — a specific action you can take to resolve it

Errors (red) indicate spec non-compliance. Warnings (amber) are best-practice recommendations that do not prevent the spec from being technically valid.

What the Validator Checks

  • Version fieldopenapi (3.x) or swagger (2.x) must be present at the root
  • info objecttitle and version are required; description is recommended
  • paths object — must be present; each path must start with /
  • Operations — each must have a responses object with at least one entry
  • Parameters — must include name and in with valid values; path parameters must match the URL template
  • $ref resolution — all internal $ref values must point to paths that exist in the document
  • Security — if root security is set, the corresponding scheme definitions must exist
  • Best practicesoperationId, summary/description, requestBody for POST/PUT/PATCH, and 2xx responses

Limitations

This is a structural validator based on the OpenAPI specification rules. It does not execute a full JSON Schema validation of property values, does not check external $ref URLs, and does not validate discriminator or oneOf/anyOf semantics. For full compliance testing, use the validator as a first pass and follow up with an official OpenAPI library in your build pipeline.

Frequently Asked Questions

Most Viewed Tools

📺

Screen Size Converter — Diagonal Dimension Tool

4,715 views

Calculate screen width and height from diagonal size and aspect ratio. Convert between inches and centimeters for displays, TVs, and monitors with instant dimension calculations.

Use Tool →
🔐

TOTP Code Generator — 2FA Testing Tool

3,556 views

Generate time-based one-time passwords from a TOTP secret key. Enter your base32 secret, choose a period and digit length, and get the current and next codes with a live countdown timer. Useful for testing and debugging 2FA integrations.

Use Tool →
{}

JSONL Formatter — Line-by-Line Validator

3,529 views

Format, validate, and inspect JSON Lines (JSONL) and NDJSON files. Validates each line individually, reports parse errors by line number, outputs compact JSONL or a pretty-print preview, and lets you download the cleaned file.

Use Tool →
🖨️

DPI Calculator — Print Resolution Tool

3,470 views

Calculate DPI (dots per inch), image dimensions, and print sizes. Convert between pixels and physical dimensions for printing and displays.

Use Tool →
{ }

JSON to Zod — Schema Generator

3,448 views

Generate Zod validation schema code from a JSON sample object. Infers z.string(), z.number(), z.boolean(), z.array(), z.object(), and z.null() types automatically. Handles nested objects, arrays of objects with optional field detection, and outputs copy-ready TypeScript with import and z.infer type alias.

Use Tool →
🔐

TLS Cipher Suite Checker — Strength Analyzer

3,224 views

Check TLS protocol version compatibility and cipher suite strength ratings against current best practices. Supports IANA and OpenSSL cipher names — rates each suite as Strong, Weak, or Deprecated and explains why.

Use Tool →
🔑

Password Entropy Calculator — Crack Time Estimator

3,177 views

Calculate the information-theoretic bit entropy of any password or API key. Detects character set pools automatically, shows the total number of possible combinations, and estimates crack time across five attack scenarios from rate-limited web logins to GPU cracking clusters.

Use Tool →
🔍

Secret Scanner — API Key & Credential Detector

2,982 views

Scan pasted text, code, or config files for accidentally exposed API keys, tokens, passwords, and private keys. Detects 50+ secret types across AWS, GitHub, Stripe, OpenAI, and more — all client-side, nothing leaves your browser.

Use Tool →

Related API & Backend Tools

⏱️

API Latency Budget Calculator — Plan Distributed System Performance

Set a P99 SLO latency target and distribute the budget across your upstream service dependencies. See remaining headroom, utilization percentage, a stacked allocation bar, and a per-service breakdown with optional P99 actual measurements.

Use Tool →
📝

REST Endpoint Documenter — Markdown Doc Generator

Document a REST endpoint quickly by entering the URL, method, headers, and sample request/response. Generates formatted Markdown documentation and an example cURL command instantly.

Use Tool →
📡

Server-Sent Events (SSE) Formatter — Build and Debug Real-Time Streams

Build Server-Sent Events messages with id, event, data, retry, and comment fields for testing SSE endpoints. Fill in each field individually and instantly see the correctly formatted SSE message string with double-newline terminator. Supports multi-line data fields, keep-alive comment lines, and an escaped wire-format view. Five presets cover the most common SSE patterns. Free and runs entirely in your browser.

Use Tool →
🚦

API Gateway Rate Limiting Calculator — Model RPS, Burst, and Token Buckets

Calculate token bucket size and refill rate from RPS targets for API gateway throttling. Enter your steady-state requests per second, burst multiplier, and average response time — the calculator outputs the bucket capacity, refill rate, per-minute and per-hour quotas, and concurrent connection estimate. Generates ready-to-paste throttling config for AWS API Gateway, Kong, and Nginx. Free and runs entirely in your browser.

Use Tool →
🔐

OAuth Token Validator — JWT & OIDC Decoder

Validate and inspect OAuth tokens in your browser. Decode JWT access tokens and ID tokens to view claims, scopes, and expiry. Analyse opaque tokens for entropy and format. Free and private.

Use Tool →
🐇

AMQP Exchange Configuration Simulator — Map Routing Keys and Queue Bindings

Generate RabbitMQ channel declaration code for Node.js (amqplib) and Python (pika). Select an exchange type, configure durability and options, add queue bindings with routing keys, and instantly get production-ready assertExchange and bindQueue calls. Supports all four exchange types: direct, fanout, topic, and headers. Four presets cover the most common RabbitMQ patterns. Free and runs entirely in your browser.

Use Tool →
🗄️

HTTP Cache Header Generator — Optimize Browser & CDN Caching

Generate Cache-Control, Vary, and ETag headers for web and API responses. Select a caching strategy (public, private, no-cache, no-store), set browser and CDN TTLs, and configure advanced directives like stale-while-revalidate. Outputs ready-to-use snippets for nginx, Express.js, and Apache.

Use Tool →
🔄

HTTP Retry Policy Builder — Configure Resilient API Client Logic

Configure max retries, initial delay, backoff multiplier, jitter, max delay cap, and retryable HTTP status codes to instantly generate ready-to-use retry policy code for Axios (with axios-retry), native Fetch API (Node 18+ and node-fetch), and Go net/http. Supports presets for Standard, Aggressive, Conservative, and Rate-Limit Aware policies. All code is generated in your browser — free, instant, no signup.

Use Tool →

Share Your Feedback

Help us improve this tool by sharing your experience

We will only use this to follow up on your feedback