OpenAPI Validator

Paste a JSON or YAML OpenAPI spec — structural lint plus internal $ref resolution and schema validation against OpenAPI 2.0 / 3.0 / 3.1.

Runs 100% client-side
On this page4 sections

Structural lint + $ref resolution + schema validation

Checks required fields, HTTP methods, and parameter shapes instantly, then resolves internal $ref pointers and validates against the OpenAPI 2.0 / 3.0 / 3.1 schema. Does not follow external $ref, check semantic or business-logic correctness, or verify that a live server matches the spec.

HOW TO USE

  1. 01Paste an OpenAPI 3.x or Swagger 2.0 spec in JSON or YAML and click Validate Spec.
  2. 02Read the structural findings first — missing info block, invalid HTTP methods, empty paths, bad parameter locations.
  3. 03When the structure is clean, the deep pass runs: it resolves internal $ref pointers and validates the spec against the OpenAPI 2.0 / 3.0 / 3.1 schema.
  4. 04Fix the flagged items — broken or missing references and schema violations — before generating client code.

Try it

Paste a spec whose schema references #/components/schemas/Missing to see the broken-$ref finding

WHEN TO USE

Use for a quick structural sanity-check on an OpenAPI spec plus deeper $ref resolution and schema validation before committing it or generating client code. The instant structural lint checks required fields, HTTP methods, and path shapes; the deep pass then resolves internal $ref pointers and validates against the OpenAPI 2.0 / 3.0 / 3.1 schema. It validates the spec document — not a live server — and the deep pass surfaces one schema/reference error at a time rather than an exhaustive list. It does not follow external $ref or judge semantic/business-logic correctness.

WHAT BUGS THIS FINDS

  • Broken $ref pointer

    A $ref pointing to a nonexistent component (e.g. #/components/schemas/Missing) — the deep pass resolves references and flags the dangling pointer the structural lint can't see.

  • Circular $ref

    Schemas that reference each other in a cycle (A → B → A) — the deep pass resolves them without hanging, so you can confirm the structure is intentional.

  • Schema-invalid types and enums

    A wrong type (type: "strng") or an illegal enum value passes the structural lint but fails OpenAPI schema validation — surfaced with the JSON path to the offending field.

  • Missing info block

    Specs without info.title or info.version break most code generators and API documentation tools.

  • Invalid HTTP method names

    Typos like 'DELET' or 'get' (lowercase) are structurally invalid and cause code-gen failures.

  • Invalid parameter locations

    A parameter declared with in: 'body' (OpenAPI 3.x removed it — use requestBody) causes silent failures in generators.

QA USE CASES

01

Validate a $ref-heavy real spec

Paste a spec that reuses shared component schemas via $ref — the deep pass resolves the references and confirms the whole document validates against the OpenAPI schema.

02

Catch a broken reference before codegen

Find a $ref pointing at a nonexistent component (a typo or a deleted schema) before it breaks the client generator or mock server.

03

Full schema-compliance pre-commit check

Confirm types, enums, and required fields conform to the OpenAPI 2.0/3.0/3.1 schema — catches violations the structural lint can't see — before merging the spec.

04

Catch missing required fields

Find specs missing info.title, info.version, or the paths object before they reach the CI spec-gen pipeline.

05

Validate path and method structure

Confirm paths use valid HTTP methods (GET/POST/PUT/PATCH/DELETE/HEAD/OPTIONS) and are not accidentally empty.