Google Analytics · API Governance Rules

Google Analytics API Rules

Spectral linting rules defining API design standards and conventions for Google Analytics.

66 Rules error 18 warn 22 info 26

Rule Categories

delete deprecated external get info no openapi operation parameter patch paths post put request response schema security servers tags

Rules

error

info-title-required

API title must be present and non-empty.

$.info

warn

info-title-format

API title should follow the pattern "Google Analytics [Name]".

$.info.title

error

info-description-required

API description must be present and meaningful.

$.info

warn

info-description-min-length

API description should be at least 50 characters to be meaningful.

$.info.description

error

info-version-required

API version must be specified.

$.info

warn

info-contact-required

Contact information should be provided.

$.info

info

info-contact-name

Contact name should be provided.

$.info.contact

info

info-contact-url

Contact URL should be provided.

$.info.contact

warn

info-license-required

License information should be provided.

$.info

info

info-terms-of-service

$.info

error

openapi-version-3

OpenAPI version must be 3.0.x.

error

servers-defined

At least one server must be defined.

error

servers-https-only

Server URLs must use HTTPS.

$.servers[*].url

info

servers-description

Server entries should have descriptions.

$.servers[*]

info

servers-google-domain

Server URLs should use googleapis.com or google-analytics.com domains.

$.servers[*].url

error

paths-no-trailing-slash

Paths must not have trailing slashes.

$.paths

error

paths-no-query-strings

Paths must not contain query strings.

$.paths

info

paths-version-prefix

Paths should include a version prefix (e.g., /v1beta/, /v1/, /v3/).

$.paths

info

paths-no-uppercase-in-segments

Path segments (excluding parameters and custom actions) should use lowercase.

$.paths

warn

paths-path-params-camelcase

Path parameters should use camelCase.

$.paths

error

operation-description-required

Every operation must have a description.

$.paths[*][get,post,put,patch,delete]

warn

operation-description-min-length

Operation descriptions should be at least 20 characters.

$.paths[*][get,post,put,patch,delete].description

error

operation-operationid-required

Every operation must have an operationId.

$.paths[*][get,post,put,patch,delete]

error

operation-operationid-unique

Operation IDs must be unique across the API.

warn

operation-operationid-format

Operation IDs should use dot-notation (service.resource.action) or camelCase.

$.paths[*][get,post,put,patch,delete].operationId

warn

operation-tags-required

Every operation must have at least one tag.

$.paths[*][get,post,put,patch,delete]

info

operation-tags-single

Operations should have exactly one tag for clean grouping.

$.paths[*][get,post,put,patch,delete].tags

warn

tags-defined

Global tags array should be defined.

info

tags-title-case

Tag names should use Title Case (e.g., "Account Summaries", "Data Streams").

$.tags[*].name

error

parameter-description-required

All parameters must have a description.

$.paths[*][get,post,put,patch,delete].parameters[*]

warn

parameter-query-camelcase

Query parameters should use camelCase.

$.paths[*][get,post,put,patch,delete].parameters[?(@.in=='query')]

warn

parameter-path-camelcase

Path parameters should use camelCase.

$.paths[*][get,post,put,patch,delete].parameters[?(@.in=='path')]

error

parameter-schema-type-required

Parameters must have a schema with a type defined.

$.paths[*][get,post,put,patch,delete].parameters[*].schema

info

parameter-pagination-page-size

Pagination limit parameters should be named pageSize.

$.paths[*].get.parameters[?(@.in=='query')]

info

parameter-pagination-page-token

Pagination cursor parameters should be named pageToken.

$.paths[*].get.parameters[?(@.in=='query')]

info

parameter-no-api-key-in-query

API keys should be passed in headers, not query parameters.

$.components.securitySchemes[?(@.type=='apiKey')]

warn

request-body-json-content

Request bodies should use application/json content type.

$.paths[*][post,put,patch].requestBody.content

info

request-body-description

Request bodies should have a description.

$.paths[*][post,put,patch].requestBody

error

response-success-required

Every operation must define a success response (2xx).

$.paths[*][get,post,put,patch,delete].responses

error

response-description-required

All responses must have a description.

$.paths[*][get,post,put,patch,delete].responses[*]

warn

response-success-json-content

Success responses with bodies should use application/json content type.

$.paths[*][get,post,put,patch].responses.200.content

warn

response-success-schema

Success responses with JSON content should have a schema defined.

$.paths[*][get,post,put,patch].responses.200.content.application/json

info

response-401-defined

Operations with security should define a 401 Unauthorized response.

$.paths[*][get,post,put,patch,delete][?(@.security)]

info

response-403-defined

Operations with security should define a 403 Forbidden response.

$.paths[*][get,post,put,patch,delete][?(@.security)]

info

response-400-for-post

POST operations should define a 400 Bad Request response.

$.paths[*].post.responses

warn

schema-names-pascalcase

Schema names should use PascalCase.

$.components.schemas

warn

schema-type-required

Schemas should have a type defined.

$.components.schemas[*]

info

schema-properties-snake-case

Schema properties should use snake_case or camelCase consistently.

$.components.schemas[*].properties

info

schema-description-top-level

Top-level schemas should have a description.

$.components.schemas[*]

info

schema-enum-uppercase

Enum values should use UPPER_CASE_WITH_UNDERSCORES.

$.components.schemas[*].properties[*].enum[*]

warn

security-global-defined

Global security should be defined or operations should have individual security.

warn

security-schemes-defined

Security schemes should be defined in components.

$.components

info

security-scheme-description

Security schemes should have descriptions.

$.components.securitySchemes[*]

error

security-oauth2-flows

OAuth2 security schemes should have properly defined flows.

$.components.securitySchemes[?(@.type=='oauth2')]

warn

security-oauth2-scopes

OAuth2 flows should define scopes.

$.components.securitySchemes[?(@.type=='oauth2')].flows[*]

error

get-no-request-body

GET operations must not have a request body.

$.paths[*].get

warn

delete-no-request-body

DELETE operations should not have a request body.

$.paths[*].delete

info

post-request-body

POST operations should have a request body.

$.paths[*].post

info

put-request-body

PUT operations should have a request body.

$.paths[*].put

info

patch-request-body

PATCH operations should have a request body.

$.paths[*].patch

error

no-empty-descriptions

Descriptions must not be empty strings.

$..description

info

external-docs-encouraged

External documentation link should be provided.

warn

external-docs-url

External documentation should have a URL.

$.externalDocs

warn

deprecated-description

Deprecated operations should explain the deprecation in their description.

$.paths[*][get,post,put,patch,delete][?(@.deprecated==true)]

info

schema-deprecated-description

Deprecated schema properties should explain the deprecation.

$.components.schemas[*].properties[?(@.deprecated==true)]

info

response-examples-encouraged

Success responses should include examples.

$.paths[*][get,post,put,patch].responses.200.content.application/json