Missing 429 response

owasp:api4:2019-rate-limit-response-429

Rule Severity:

High

Ensure API specifications include definitions for 429 responses.
This rule applies at the API Specification level (OAS/Swagger).
APIs endpoints that do not return HTTP status codes descriptions are more difficult to use for developers. Adding standard responses to API specifications ensures use of those APIs is predictable and safe.

1. How to Identify with Example Scenario

Find the text in bold to identify issues such as these in API specifications

responses: '200': # missing '429' response definition description: OK content: text/plain: schema: type: string

2. How to Identify with Example Scenario

Find the text in bold to identify issues such as these in API specifications

1. How to Resolve with Example Scenario

Find the text in bold to identify issues such as these in API specifications

responses: '429': description: Too Many Requests # a description is required content: text/plain: schema: type: string

2. How to Resolve with Example Scenario

Modify the text in bold to resolve issues such as these in API specifications
References: